23. IR Tool with PowerShell
LRUP.PS1:
- https://ppt.cc/fMRChx
- https://github.com/Invoke-IR/PowerForensics
Live Response Using PowerShell - SANS Institute:
https://www.sans.org/reading-room/whitepapers/forensics/live-response-powershell-34302
24. Loki
Simple IOC and Incident Response Scanner:
- https://www.bsk-consulting.de/loki-free-ioc-scanner/
- https://github.com/Neo23x0/Loki/releases/download/v0.24.2/loki_0.24.2.zip
25. Brimorlabs Live Response
Live Response Collection – Bambiraptor Build:
- Automated tool that collects volatile data from Windows, OSX and *nix based operating systems
- https://www.brimorlabs.com/Tools/LiveResponseCollection-Bambiraptor.zip
31. "The competent cyber warrior learns from their mistakes. The cyber master learns from the mistakes & knowhow of others."
The Art of Cyber War
Sun Tzu's The Art of War, Cyber Warfare chapter…
36. Anti Analysis
- https://github.com/a0rtega/pafish
- https://github.com/AlicanAkyol/sems/
- https://github.com/google/sandbox-attacksurface-analysis-tools
- https://github.com/LordNoteworthy/al-khaser
- https://github.com/marcusbotacin/Anti.Analysis
- https://github.com/ricardojrdez/anti-analysis-tricks
"Cyber deterrence creates the next decade's malware problem." - Sun Tzu, The Art of Cyber War
47. Thanks!
Any questions?
You can find me at:
https://www.facebook.com/jack.chou.351
jackzzsh11235813800626@gmail.com
https://twitter.com/jackchou51706
https://github.com/jack51706
https://www.linkedin.com/in/keyboard007/