nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-analysis_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-10-08 17:10:05 +09:00 committed by GitHub
parent 19315ea13f
commit 2a2bd6fe58
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
malware-analysis_ref_and_memo.md
View File

@ -145,6 +145,7 @@ DFIR,マルウェア解析OSINTに特化したUbuntuベースのディスト
- [Windows Security Log Events](https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/) - [Windows Security Log Events](https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/)
- 一覧 - 一覧
- [Windows security event log library](https://www.manageengine.com/products/active-directory-audit/kb/windows-event-log-id-list.html) - [Windows security event log library](https://www.manageengine.com/products/active-directory-audit/kb/windows-event-log-id-list.html)
- [EventID.Net](http://www.eventid.net/)
- **[Sysinternals](https://docs.microsoft.com/en-us/sysinternals/downloads/)** - **[Sysinternals](https://docs.microsoft.com/en-us/sysinternals/downloads/)**
- Sysmon - Sysmon
- ホスト上で発生したプロセスファイルレジストリネットワークWMI関連のインベントをEventLog(.evtx)に記録する - ホスト上で発生したプロセスファイルレジストリネットワークWMI関連のインベントをEventLog(.evtx)に記録する