Log Analysis & Management
The art of reading the "Black Box" of systems.
Included in: Operational Phase
01. Windows Event Logs: understanding the Security, System, and Application channels.
02. Linux Syslog: reading /var/log/auth.log and journalctl.
03. Regex for Hunters: writing regular expressions to find evil patterns.
04. Persistence Hunting: finding scheduled tasks and registry run keys in logs.