Reverse Engineering Windows Attack

Memory Vulnerabilities

Memory vulnerabilities are programmatic flaws in which the application improperly accesses or handles objects stored in memory. These vulnerabilities can result in memory corruption leading to arbitrary code execution or denial of service. Because memory exploits work outside the normal bounds of the operating system, many activities conducted during those exploits will not be logged. […]

Windows Attack

Manual Windows Checks

Windows Patch Level Lists installed packages: Available Shares List open file shares: The default Windows shares are: C$, IPC$, ADMIN$ If these are present that is fine. If there are any more then investigate what they are and try to determine if they are sharing sensitive information. If you find it is sharing a CD-ROM […]