Maybe it was a random blue screen or a weird glitch that just happened to occur after viewing a viral video of "Cats on Bicycles Volume 3", but you definitely feel that your machine just got hacked. So, what do you do? Reload and re-install everything? Run anti-virus and call it a day? Or how about we bust out some sexy forensics and find out if there's some evilness installed on your system? Because that's exactly what we are going to do in this talk.

This talk will focus on finding evil on a system. I will cover some of the basics of acquiring forensic images for analysis, narrowing down which files are good/evil, some common places malware likes to hide, malware evasion/persistence/detection techniques, building your own indicators of compromise (IOCs), scanning your network with custom IOCs, and doing it all using some free tools from the internet (Volatility, Redline, SIFT, Bulk_extractor, Log2Timeline, Autorunsc.exe, dumpit, FTK-Imager, Malwr.com, and many more!). If you have ever been interested in where to even begin to look for evil running on your system, then this talk is for you!
Copyright 2020, IronGeek