Awesome-Mirrors/my-infosec-awesome
1
0
Fork 0
mirror of https://github.com/pe3zx/my-infosec-awesome.git synced 2025-01-10 23:29:34 -05:00
Code Issues Packages Projects Releases Wiki Activity

Articles: Digital Forensics and Incident Response: Malicious PowerShell in the Registry - Persistence

Browse Source
This commit is contained in:
pe3zx 2018-06-19 15:29:04 +07:00
parent 200f3590cb
commit 1cb5760fa3
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -102,6 +102,7 @@ My curated list of awesome links, resources and tools
- [Logging Keystrokes with Event Tracing for Windows (ETW)](https://www.cyberpointllc.com/srt/posts/srt-logging-keystrokes-with-event-tracing-for-windows-etw.html)
- [Looking at APT28 latest Talos Security write up and how YOU could catch this type of behavior](https://hackerhurricane.blogspot.com/2017/10/looking-at-apt28-latest-talos-security.html)
- [MAC(b) times in Windows forensic analysis](https://andreafortuna.org/mac-b-times-in-windows-forensics-analysis-c821d801a810)
- [Malicious PowerShell in the Registry: Persistence](http://az4n6.blogspot.com/2018/06/malicious-powershell-in-registry.html)
- [Memory Acquisition and Virtual Secure Mode](https://df-stream.com/2017/08/memory-acquisition-and-virtual-secure/)
- [pwndizzle/CodeExecutionOnWindows - A list of ways to execute code on Windows using legitimate Windows tools](https://github.com/pwndizzle/CodeExecutionOnWindows)
- [RecentApps Registry Key](https://df-stream.com/2017/10/recentapps/)