📣 If you are a #SysAdmin, you absolutely need to learn #Sysinternals #Procmon. 🧰 It's going to save you countless hours troubleshooting weird problems, plus you get to know more about how the system works under the hood. 👍
https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
#sysadmin #sysinternals #procmon
Just finished day 12 of #AdventOfCyber, had fun analyzing malware and learning about #CAPA and #ProcMon. Too bad, my attackbox died 4 times with a connection error. Can also highly recommend the Walkthrough from HuskyHacks to learn more about CLI tools to achieve some analyzing.
Hey, good news, the guy I taught to #ProcMon just came back with the results and proved that it wasn't the security tools! (We knew it wasn't, but we've gained an ally in the fight against "The Security Tools are blocking/breaking/stopping/etc....") #LittleWins #Troubleshooting
#procmon #littlewins #troubleshooting
Found myself teaching #ProcMon and #Troubleshooting to a peer again today. It was an essential skill in a previous role and one that everyone should have in their toolbox.
Additional tools include #AuditPol and #Sysmon
I cover two of those (Sys and Procmon) in this video.
Give it a watch, share it around, etc....
https://youtu.be/rr5CI7rakkU?t=2453
These are great tools to use when more advanced malware sandboxing tools aren't available. VM and #Sysinternals
#procmon #troubleshooting #auditpol #sysmon #sysinternals #dfir #forensics #helpdesk #malware