Process Hunting


Read this: https://resources.infosecinstitute.com/category/enterprise/threat-hunting/threat-hunting-process/

Read this: https://www.rsaconference.com/writable/presentations/file_upload/hta-t07r-license-to-kill-malware-hunting-with-the-sysinternals-tools_final.pdf

Now you are going to work through this short tutorial series so that you can learn all about Sysinternals. I still need to put more time into this module, but you will get enough out of it without any extra guidance to make it worthwhile. Using the link below, complete all of the lessons on the site.

https://www.howtogeek.com/school/sysinternals-pro/lesson1/

  1. What Are the SysInternals Tools and How Do You Use Them?
  2. Understanding Process Explorer
  3. Using Process Explorer to Troubleshoot and Diagnose
  4. Understanding Process Monitor
  5. Using Process Monitor to Troubleshoot and Find Registry Hacks
  6. Using Autoruns to Deal with Startup Processes and Malware
  7. Using BgInfo to Display System Information on the Desktop
  8. Using PsTools to Control Other PCs from the Command Line
  9. Analyzing and Managing Your Files, Folders, and Drives
  10. Wrapping Up and Using the Tools Together

I know it is a lot of work, but it is great stuff. I should create deliverables, and I will eventually.

For now, when you are done, explain a hypothetical hunt process using these tools. No more than 2 or 3 sentences.


Hoppers Roppers 2020            Date: 2020-06-10 23:05:02
