Dynamic Analysis with Windows Performance Toolkit

Presented at CarolinaCon 12 (2016), March 6, 2016, 11 a.m. (Unknown duration)

In this talk we will be looking at some practical ways to use the Windows Performance Toolkit. Not many people know about this little gem. It's kind of like procmon on steroids. This talk is for security researchers, malware analysts, system administrators, and the rest of us who want to know more about what goes on under the hood.

Presenters:

• DeBuG (John deGruyter)
  DeBuG has traveled to and attended every CarolinaCon since the first one back in 2005. The last 3 cons he has ran CTF with his crew ""The XRG"". DeBuG started his career in the late 90s humping a pack and carrying an M-16 in the United States Marine Corps. Since then he has worked in various technical roles and taught as an adjunct professor for George Washington University.

Links:

• https://infocon.org/cons/CarolinaCon/CarolinaCon 12 2016/Dynamic Analysis with Windows Performance Toolkit - DeBuG (John deGruyter).mp4
• https://infocon.org/cons/CarolinaCon/CarolinaCon 12 2016/Dynamic Analysis with Windows Performance Toolkit - DeBuG (John deGruyter).srt (subtitles)
• https://www.youtube.com/watch?v=729wmWJaOIo

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / Windows 0wn3d By Default
• REcon 2022 / Function overrides, from a Security mitigation to a fully-fledged Performance Feature in Windows