September Monthly Meet - Evolving Beyond GREP & Exploration of Steganography
Details
Agenda
• Food, Drinks & Networking (20 mins)
• Introduction & Announcement (10 mins)
• Evolving Beyond GREP: Enterprise-Wide Hunting with Execution Artefacts by Bart Inglot (45 mins)
• Break (5 mins)
• Beginner's Exploration in Steganography by Jonathan Tan (20 mins)
Abstracts
Evolving Beyond GREP: Enterprise-Wide Hunting with Execution Artefacts by Bart Inglot
The talk will present an open-source tool designed to efficiently process, analyse and hunt at enterprise scale using temporal execution artefacts such as ShimCache and AmCache. For the last 2 years, the tool was only available to Mandiant consultants. The talk is full of demos and will present custom-built analytics such as time execution correlation, Levenshtein distance analysis and time stacking, to name a few. The talk was designed by the tool author and my dear colleague, Matias Bevilacqua.
Beginner's Exploration in Steganography by Jonathan Tan
What is steganography and what is it used for? What is the least significant bit (LSB) algorithm for steganography? Implementation of LSB in a bitmap and a PoC of avoiding detection.
Speakers' Bio
Bart Inglot is an incident response and forensics specialist in Mandiant's security consulting services team, helping clients restore confidence in the event of a breach. He holds a degree in computer forensics, is a keen developer, enjoys inspecting network traffic and specialises in Windows forensics.
Jonathan Tan is currently a year 2 student in SMU Information Systems. He graduated from Temasek Polytechnic with a Diploma in Cyber & Digital Security. He enjoys the process of hacking and is actively involved in SMU Whitehats Society as the current Honorary General Secretary.