Incident Response Script for APT Hunting


Sergey Golovanov and Igor Soumenkov have prepared a New Year present for the DFIR community: their script for APT hunting across the enterprise. They use this script to collect logs, NTFS data, entries from the Windows registry and strings from binary files to find out exactly how the attackers are moving through the network. You can learn more about it here.
