Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon

18 August 2021

X-Force Red released a tool called Windows Feature Hunter, which identifies targets for dynamic link library (DLL) side-loading on a Windows system using Frida. To provide a defensive counter-measure perspective for DLL side-loading, X-Force Incident Response has released SideLoaderHunter, which is a system profiling script and Sysmon configuration designed to identify evidence of side-loading on Windows systems.

Read full article on Security Intelligence

Date:

18 August 2021

Categorie(s):

NEWS

Tag(s):

Advanced Threats, Evidence, Hunting, Incident Response, PowerShell

US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet25 April 2024
Ring agrees to pay $5.6 million after cameras were used to spy on customers25 April 2024
NDR in the Modern Cybersecurity Landscape25 April 2024
Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers25 April 2024
NIST’s role in the global tech race against AI25 April 2024