In this Anti-Cast, Gerard Johansen will give you a glimpse of his upcoming training class, Enterprise Forensics and Response. Gerard's course is designed to provide you with an understanding of the incident investigation process, objective oriented analysis and response, intrusion analysis and an exploration of ...
Chat with your fellow attendees in the Antisyphon Discord server:https://discord.gg/antisyphonin the #🍿anticasts-chat channel Stay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com
If you’ve been using the Linux command line for a long time, you may have missed out on some sweet new features of common commands that can make your life much better. Join Sensei Hal as we break down some practical examples and demonstrate some ...
This webcast will explore the vast amount of challenges faced by blue teamers and how they can stay ahead of the curve. Through a ransomware attack example, we’ll discuss the broad range of skills and knowledge needed to respond effectively to advanced threats. We’ll elaborate ...
Widespread availability of PoC Linux LD_PRELOAD rootkits means that even trivial cryptomining attacks are starting to deploy them. This talk demonstrates a simple LD_PRELOAD rootkit and techniques for detecting them in a live response scenario and by memory analysis. Get the jump on your adversaries ...
The long-awaited update to Sysmon is here. Microsoft has recently released version 15. This updated version of the popular logging tool includes new features and provides responders insight into endpoint behavior. In this Anti-Cast, Gerard Johansen, digital forensics practitioner and course author of Enterprise Forensics ...
This Anti-Cast session explores advanced techniques and tools for extracting valuable information from diverse online platforms, social media, public databases, and breaches. By emphasizing responsible approaches to OSINT, attendees will learn how to navigate vast data sources, analyze digital footprints, and uncover the hidden gems ...
Active Directory loves spewing hashes, all kinds of them. This talk will focus on NetNTLM (or NTLM, call it what you will) hashes. We'll chat about how they can be obtained and used for privilege escalation and lateral movement. Here's what we'll cover: We'll break ...
Chat with your fellow attendees in the Antisyphon Discord server:https://discord.gg/antisyphonin the #🍿anticasts-chat channel Stay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com
Despite being a common Linux file system, forensic support for XFS is still largely lacking. In this session, Hal will describe how to turn the humble xfs_db tool into a useful forensic application for examining XFS file system internals and finding critical evidence. Attackers aren’t ...
TellTail is a free and open source application that makes it easy to view and learn about PowerShell logging. In this webcast we will enable/disable the various PowerShell logging options and watch the effect it has on what gets logged. Come to this webcast to ...
Based on recent threat reports, a growing number of bad actors are bringing vulnerable drivers to victim environments to exploit and guarantee a more successful attack path. These kernel drivers are legitimate, trusted and... vulnerable! Amazingly, some have CVEs dating back to 2015 or earlier. ...
