Reverse Analyzing Attacks for Detection, Justin Henderson – Paul’s Security Weekly #519

Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes this technique as “reverse attack analysis for detection” and shows us how to do it in this technical segment! References to Mark Baggett’s work on are made as well. […]