Analyzing Malware Attacks Using Sysmon - A Practical Guide to Event Logging and Investigation
Cyber Mentor via YouTube
Overview
Learn how to use Sysmon for detailed endpoint event logging and security analysis in a hands-on 41-minute video demonstration. Walk through the Sysmon installation process and learn the event IDs that matter most for tracking malicious behavior. Follow a practical attack simulation that uses Discord as a command and control channel, in which malware is executed and persistence mechanisms are established. Then work through the investigative process of analyzing the generated events to reconstruct the attack chain, building detection and response capabilities for stronger defensive security.
Syllabus
Introduction
Sysmon Event IDs Overview
Sponsor B-Roll
Sysmon Installation
Generating Payload
Delivering the Payload via Discord
Executing the Payload
Post Compromise Attacks
Analyzing the Attack with Sysmon
Conclusion
Taught by
The Cyber Mentor