Description: In the past, hackers and pen testers have used various techniques to hide the presence of tools and information on compromised systems. Techniques such as alternate data streams in Windows, and directories with common names in Linux, have been basic implementations of such techniques. The addition of Shadow Copies to modern Windows operating systems provides us with yet another opportunity to conceal information on remote systems. This talk will discuss the history of concealing data within operating systems and new techniques and tools for doing so in modern Windows implementations
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.