In this study we explore deep parts of Windows systems and try to “excavate” useful logs so that we can behaviorally detect rubber duckies post-mortem. The study focuses on upper filter drivers, ETW, detection engineering and forensic logic.