Hello Reader,
If you watched the forensic lunch test kitchen this week you would have seen I was using Sysmon to monitor registry changes. Let's see what you would do in this weeks monitoring challenge.
The Prize:
If you watched the forensic lunch test kitchen this week you would have seen I was using Sysmon to monitor registry changes. Let's see what you would do in this weeks monitoring challenge.
The Prize:
$100 Amazon Giftcard
The Rules:
- You must post your answer before Friday 10/5/18 7PM CST (GMT -5)
- The most complete answer wins
- You are allowed to edit your answer after posting
- If two answers are too similar for one to win, the one with the earlier posting time wins
- Be specific and be thoughtful
- Anonymous entries are allowed, please email them to dcowen@g-cpartners.com. Please state in your email if you would like to be anonymous or not if you win.
- In order for an anonymous winner to receive a prize they must give their name to me, but i will not release it in a blog post
The Challenge:
How would you monitor/record changes to registry keys? What could you do to get more data?
Also Read: Daily Blog #492
Post a Comment