farrowking37 / Capstone

My Capstone created as part of my BS in Computer Networking and Cyber Security at Champlain College

Timestomp Evaluation #1

Closed farrowking37 closed 4 years ago

farrowking37 commented 4 years ago

Install and evaluate the effect that TimeStomp has on a live system. Document the process, and see if I can understand what the open source code does.

farrowking37 commented 4 years ago

Beginning the TimeStomp exercise. I'll download the tool to my version of the SEC335 Windows 10 VM that has some additional dummy files created in various folders. We will run the tool, explore its options, and the result should be a Word document that I can upload to the repo.

farrowking37 commented 4 years ago

No version of TimeStomp that I could find ran on Windows 10. Instead I ran TimeStomper, a PoC that performed the same technique using the Windows API. With this tool I was able to successfully perform Timestomping activity.

You can review the reports here