Advance your Career with Hands-on Cyber Security Training in San Francisco. Save $350 thru 5/29.

Crystal City 2018

Arlington, VA | Mon, Jun 18 - Sat, Jun 23, 2018
This event is over,
but there are more training opportunities.

Windows Exploratory Surgery with Process Hacker

  • Jason Fossen
  • Monday, June 18th, 7:15pm - 9:15pm

In this talk, Jason Fossen, SANS Institute Fellow and SEC505 author, will rummage around inside the guts of Windows while on the lookout for malware, using a free tool named Process Hacker (similar to Process Explorer, but open source). Understanding processes, threads, drivers, handles, and other OS internals is important for analyzing malware, understanding exploits, doing forensics, troubleshooting, and hardening the OS. If you have a laptop, get Process Hacker from http://processhacker.sourceforge.net and together we'll take a peek under the GUI to learn about Windows internals. This talk also helps to prepare attendees for several of the courses at the conference by presenting key OS concepts like virtual memory, modules, security access tokens, and more.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, June 18
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, June 18th, 8:00am - 8:30am Special Events
Windows Exploratory Surgery with Process Hacker Jason Fossen Monday, June 18th, 7:15pm - 9:15pm Keynote