So you think you might have a compromised Windows system. If you do, where do you start? How would you review the memory of that system? What are the first 10 commands you’d run to see if it’s actually compromised?
This webcast will be based on SANS 504 and will introduce attendees to some free sample memory dumps and command output from compromised systems. BHIS has spent a fair amount of time creating samples for everyone to play with to sharpen their skills!