DFSP # 286 - Lateral MM Fast Triage 2 [5145]

Digital Forensic Survival Podcast - A podcast by Digital Forensic Survival Podcast - Tuesdays

This week we continue with the Windows fast triage series. We are up to lateral movement and are talking about admin shares. The topic this week is event 5145, a Windows log event that records verbose information about network share objects. It is an artifact you can use to triage a system, or a group of systems, for evidence of malicious lateral movement.