Mass Digital Forensics & Incident Response with Velociraptor скачать в хорошем качестве

Mass Digital Forensics & Incident Response with Velociraptor

This is the 1st video of 2 separate videos -- in the next video, Matt will showcase hunting malware with Velociraptor! MASSIVE thank you to Mike Cohen and Matt Green for joining me for this video!   / scudette   ||   / mgreen27   Thanks to @iamkingsage8571 for contributing timestamps! 00:00 Introduction 01:08 Velociraptor VFS 04:05 Artifacts & Automation w/ VQL 06:16 Sigma Rule matching w/ Hayabusa 07:20 Waiting on Hayabusa to finish scan. 09:20 How does Hayabusa compare to Chainsaw? 10:40 Parsing Hayabusa Findings 13:40 PsTree Attempt 1 w/PsList 17:55 PsTree Attempt 2 w/Velociraptor Process Tracker 19:50 Velociraptor Process Tracker 22:35 PSExec Change in v2.30 & How to look for the usage of PSExec 25:25 Why this is useful and example use case' 26:10 PowerShell Artifacts 27:30 Bits Transfer Artifact 28:50 How to hunt for multiple compromised machines. 30:40 Parsing the Results using VQL 33:20 Demo Conclusion 🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe! 🙏 SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎 FOLLOW ME EVERYWHERE ➡ https://jh.live/discord ↔ https://jh.live/twitter ↔ https://jh.live/linkedin ↔ https://jh.live/instagram ↔ https://jh.live/tiktok 💥 SEND ME MALWARE ➡ https://jh.live/malware