You are exposed to malicious scripts in one form or another every day, whether in email, malicious documents, or malicious websites. At first glance, many malicious scripts appear impossible to understand. However, with a few tips and some simple utility scripts, you can deobfuscate them in just a few minutes.
SANS Instructor Evan Dygert conducted a webcast on October 3rd, 2018. This webcast teaches you how to cut through the obfuscation techniques that script authors use without spending a lot of time doing it. Evan also demonstrates how to quickly deobfuscate a variety of malicious
The sample scripts he provided during the webcast can be downloaded here: https://dfir.to/MaliciousScripts. Please note that the password for the samples.zip folder is “infected”.
For additional opportunities to take the FOR610 course, consider upcoming runs and modalities:
US & International live training: Live events offered throughout the US, EMEA & APAC regions.
DFIR Summits: Two days of industry expert talks plus DFIR training events.
Virtual: Live events from anywhere in the world.
OnDemand: Learn at your own pace, anytime, anywhere.
*** This is a Security Bloggers Network syndicated blog from SANS Digital Forensics and Incident Response Blog authored by sansdfir. Read the original post at: http://feedproxy.google.com/~r/SANSForensics/~3/U-ZnTgS1kPM/shortcuts-for-understanding-malicious-scripts