Illusive Labs Blog

Technical cybersecurity perspectives focusing on deceptions, threat trends, incident response, advanced attacks and new technologies

Windows Console Command History: Valuable Evidence for Live Response Investigation

Posted by Tom Sela on Jan 11, 2018 8:01:49 AM

Note: This blog is an updated version of a piece originally published in the March 2017 edition of eForensics Magazine.

As a security researcher and part-time Incident Response (IR) analyst, I know that fine details are of paramount importance. The role requires ongoing research to understand an attacker’s actions on compromised machines. A typical research process requires examining hundreds, or even thousands, of artifacts to find the needle in the haystack.
