[Repost] FATKit: Detecting Malicious Library Injection and Upping the “Anti”
Source: [url]http://www.4tphi.net/fatkit/[/url]

In this white paper, we discuss how the Forensic Analysis ToolKit (FATKit) can facilitate the process of enumerating suspicious artifacts manifested as a result of remote library injection. We discuss a number of techniques that have proven effective at elucidating artifacts that are by-products of advanced exploitation methods frequently characterized as anti-forensic or stealthy.