nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-analysis_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-04-16 20:09:27 +09:00 committed by GitHub
parent 452e0b3adf
commit d0053a1702
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
malware-analysis_ref_and_memo.md
View File

@ -101,6 +101,9 @@ DFIR,マルウェア解析OSINTに特化したUbuntuベースのディスト
- 数百万のUser Agentに対応
### Forensic
- **Windows Security Log**
- [Windows Security Log Events](https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/)
- 一覧
- **[Sysinternals](https://docs.microsoft.com/en-us/sysinternals/downloads/)**
- Sysmon
- ホスト上で発生したプロセスファイルレジストリネットワークWMI関連のインベントをEventLog(.evtx)に記録する