This week, we’re diving into how to triage for PSEXEC evidence. PSEXEC leaves traces on both the source and target systems, making it essential to identify artifacts on each to determine whether a system was used as an attacker’s tool or was the target of an attack. While PSEXEC has somewhat fallen out of favor due to increased use of PowerShell for similar activities, it remains a commonly abused utility among attackers. In this episode, we’ll break down the key artifacts and methodologies for effective triage.
정보
- 프로그램
- 주기매주 업데이트
- 발행일2024년 12월 17일 오후 1:13 UTC
- 길이17분
- 등급전체 연령 사용가