Dropbox

Monitoring file system changes with PowerShell

I recently returned from facilitating Lenny Zeltser's excellent Reverse Engineering Malware course at SANS Security West. One of the utilities covered in the course is called CaptureBAT, which is a useful utility for monitoring a system for changes while performing malware analysis. Of course, given my ongoing interest in…

Recycle Bin Forensics in Windows 7 and Vista