
How Forensic Experts Use Windows Prefetch

Prefetch files offer a digital snapshot of events inside your Windows operating system (OS). Because they are created when an executable program is run from a particular location for the very first time, forensic specialists can use these files to determine what was running and when. In the event of a cyber-attack, the timeline of […]

A Look Inside the Pass-the-PRT Attack

Discover what a Primary Refresh Token is and how cyber-criminals are exploiting it in two different ways to launch Azure Active Directory attacks.

Hacks Weekly #47 Memory Dump

A memory dump is generally useful for investigating what's running in our system memory. All the information that was running before the crash is stored in our memory. For example, if any kind of malicious code is running in the memory of a legitimate process, then you would be able […]

Hacks Weekly #48 Introduction to Stackwalking

Stackwalking is a very useful function that can be enabled as a feature of Event Tracing for Windows (ETW) and the Windows Performance Analyzer. ETW is implemented in the Windows operating system. It provides us with a fast and reliable set of event tracing features. When you enable stackwalking for a kernel event, the kernel captures […]
