Posts Tagged ‘Powerdown the PowerShell Attacks’

Most Recent
 
Read More
2018-04-02

Bypassing AppLocker with PowerShell Scripts

Several years ago, Microsoft announced a new tool – AppLocker, which, according to the developers, was designed to increase the level of security when working in Windows. Unfortunately, the way was uncovered, in which you can run any application in the system bypassing AppLocker and without administrator rights.

258
 
Read More
2018-02-11

Analyzing an attack with powershell

Nikhil Mittal has shared the presentation ‘Hacked? Pray that the Attacker used PowerShell’. It tell us how to find fingerprints of an attack with powershell in a compromised system.

255
 
Read More
2018-02-04

PowerShell Forensics

The work of Ryan Kazannian and Matt Hastings for their research on the attacks of Powershall served as a starting point and the main resource for research on this topic. Recently, David Wells has been working on this for a long time.

917
 
Read More
2018-01-17

Basics of Powershell Scripting

It is a good idea using Powershell Scripting for DFIR, system administrators and a field work. Hrushikeshk has shared a post ‘Powershell 101’ which contains on notes about how to use Powershell Scripting.

 

630
Latest Headlines
 
Read More
664
 
Read More
371
 
Read More
741

Trending Topics
digital forensics
computer forensics
Articles
mobile forensics
DFIR
digital forensics software
Android forensics
windows forensics
incident response
Top Stories
 
 
Right Now
 
bstrings 1.0 released
Top Five
Heat Index
 
1
Decrypting encrypted WhatsApp databases without the key
 
2
How to Make the Forensic Image of the Hard Drive
 
3
Extracting data from SmartSwitch backups
 
4
Forensic tools for your Mac
 
5
An Overview of Web Browser Forensics