You are here: pentestlab.blog

marcusedmondson.com
Today I wanted to do a quick blog post on how to test your security tools to find the Windows binary mshta.exe downloading a malicious .hta file. My setup is an Elastic Stack VM, a Windows endpoint configured with Elastic's endpoint agent. In addition, I used a Parrot security VM as my attacking machine and...

bohops.com
[Source: blog.microsoft.com] What is Vshadow? Vshadow (vshadow.exe) is a command line utility for managing volume shadow copies. This tool is included within the Windows SDK and is signed by Microsoft (more on this later). Vshadow has a lot of functionality, including the ability to execute scripts and invoke commands in support of volume shadow snapshot...

countuponsecurity.com
Following our last article about the Prefetch artifacts we will now move into the Windows Registry. When conducting incident response and digital forensics on Windows operating systems one of the sources of evidence that is normally part of every investigation is the Windows Registry. The Windows Registry is an important component of the OS and...

thehackernews.com
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.