Incident Response Script for APT Hunting


Sergey Golovanov and Igor Soumenkov have prepared a New Year present for the DFIR community: they have presented their script for APT hunting across the enterprise. They use this script to collect logs, NTFS data, entries from the Windows registry and strings from binary files to find out exactly how the attackers are moving through the network. You can learn more about it here.
