Ways to Identify Malware on a System
Ryan Irving

This talk will discuss ways to identify malware on a system including initial alerts, such as local endpoint security, IDS, proxy logs, users informing an admin, etc. He will go over Prefetch, certain registry keys,local Internet History/Caches,network related logs, file location, odd looking/out of place files. He will also discuss memory captures (mention tools that do it), perform hands on demo of Volatility, and discuss findings.

Back to BSides Tampa 2015 video list