I wrote up a post on the SANS Digital Forensics blog titled "Digital Forensics: Persistence Registry keys", where I gave a couple of links to text files containing Registry keys for a Windows XP SP3 system that I'd run Autoruns on to gather a list of Registry keys that could (possibly) be used as persistence vectors for malware.
I have collected similar lists for Windows Vista and Windows 7. The files are available at trustedsignal.com/IR.
Friday, October 22, 2010