Penetration Testing mailing list archives
Re: [PEN-TEST] Autocomplete Function
From: Bill Weiss <bill_weiss () att net>
Date: Mon, 13 Nov 2000 23:50:10 -0700
Davidson,Sam(SDAVIDSON () CERNER COM)@Mon, Nov 13, 2000 at 03:27:57PM -0600:
Has anyone tried taking a sysdiff snapshot, then visiting some sites and taking a diff shot to find the modified files? This would be verrrry valuable info when compromised.
In response to the original (and maybe yours, I don't know), check out www.sysinternals.com. They have some "mon" tools, such as RegMon and FileMon, which are damn helpful when wondering what that program's doing in there.
Current thread:
- [PEN-TEST] Autocomplete Function Masse, Robert (Nov 14)
- <Possible follow-ups>
- Re: [PEN-TEST] Autocomplete Function Davidson,Sam (Nov 14)
- Re: [PEN-TEST] Autocomplete Function Oleg Letsinsky (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Bill Weiss (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Ben Grubin (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Magnus Ullberg (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Masse, Robert (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Ryan Russell (Nov 15)
- Re: [PEN-TEST] Autocomplete Function David Knaack (Nov 15)
- Re: [PEN-TEST] Autocomplete Function N Catlow (Nov 16)
- Re: [PEN-TEST] Autocomplete Function Ryan Russell (Nov 15)