English | Size: 3.4 GB
Genre: eLearning
Incident response to live cyberattacks requires silent navigation through compromised assets, sometimes in large distributed networks. The popular approach relies on EDR or other live agent-based solutions. However, the activation of security agents and obvious activities on live compromised systems may trigger alerts of advanced threat actors. Once alerted, a cleanup operation and destruction of evidence can happen. Moreover, offline system analysis may not be easy due to the physical distance to the compromised system or the scale of the network. This is where remote stealthy threat discovery with “scoutware”, software for threat hunting and instant system analysis, becomes incredibly useful.
In our training you will be introduced to the free, open-source scoutware tool Bitscout developed by Vitaly Kamluk from Kaspersky GReAT in collaboration with INTERPOL, that has been successfully used by Kaspersky researchers for years. The cases demonstrated in the training were developed by Vitaly Kamluk and Nicolas Collery, Executive Director at DBS Bank, primary incident responder. During the training you will create your own remote analysis tool and practice it right away in the provided virtual lab!
Syllabus
Day 1: Static Analysis
Introduction and theory
Crafting and customizing your own scoutware
Exercises
Day 2: Dynamic Analysis*
Introduction to remote dynamic analysis
Bypassing Windows authentication
Stripping off full disk encryption
Discovering various malware, including kernel mode rootkit
Reconstructing malware startup chain
Running custom LiveCD on top of Bitscout
https://rapidgator.net/file/0287502ee82f3f6806d8fb0e347c36df/Bitscout-Remote-Forensic-Toolkit.part01.rar.html
https://rapidgator.net/file/0324db5d51b9c9a5a3874586fcae217d/Bitscout-Remote-Forensic-Toolkit.part02.rar.html
https://rapidgator.net/file/b6cdcc3a90a682f385eb499b43b8225c/Bitscout-Remote-Forensic-Toolkit.part03.rar.html
https://rapidgator.net/file/d2ad7c8a4b211c3b581da2a8d899da06/Bitscout-Remote-Forensic-Toolkit.part04.rar.html
https://rapidgator.net/file/706a5123d9791fdba5ebd7062a7a8b24/Bitscout-Remote-Forensic-Toolkit.part05.rar.html
https://rapidgator.net/file/0a2981065f90b22fa97c39641cd46d61/Bitscout-Remote-Forensic-Toolkit.part06.rar.html
https://rapidgator.net/file/ec51a76e28c0ed280b069a332604fc6e/Bitscout-Remote-Forensic-Toolkit.part07.rar.html
https://rapidgator.net/file/75e6f696fe760c24a460fad0839e68e6/Bitscout-Remote-Forensic-Toolkit.part08.rar.html
https://rapidgator.net/file/35798f7cc6ee58f2e0c949dc1d405719/Bitscout-Remote-Forensic-Toolkit.part09.rar.html
https://tbit.to/c9f3vi5hr764/Bitscout-Remote-Forensic-Toolkit.part01.rar.html
https://tbit.to/gmxek9tp9as6/Bitscout-Remote-Forensic-Toolkit.part02.rar.html
https://tbit.to/3ftfkiuha0rf/Bitscout-Remote-Forensic-Toolkit.part03.rar.html
https://tbit.to/mnhh1e7w9h72/Bitscout-Remote-Forensic-Toolkit.part04.rar.html
https://tbit.to/s8i0nk6505eu/Bitscout-Remote-Forensic-Toolkit.part05.rar.html
https://tbit.to/9gp4qkc4c6k4/Bitscout-Remote-Forensic-Toolkit.part06.rar.html
https://tbit.to/unya9qdny87j/Bitscout-Remote-Forensic-Toolkit.part07.rar.html
https://tbit.to/m2lomwgtez1n/Bitscout-Remote-Forensic-Toolkit.part08.rar.html
https://tbit.to/48gn6ee4i7zw/Bitscout-Remote-Forensic-Toolkit.part09.rar.html
If any links die or problem unrar, send request to
https://forms.gle/e557HbjJ5vatekDV9
Leave a Reply