Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This lesson focuses on timestamps, event log clearing and password cracking. A timestamp is a metadata field that informs a system about when a file was created, edited, opened or moved. You can defeat timestamps on a Windows machine by obfuscation, in Linux you can also use the touch command. Windows event logs can be used to store information about nearly everything on a system and are managed via the command line wevtutil. Participants also learn about two methods of password cracking: Brute force: trying every possible combination until something works. Dictionary attacks: using a list of words to crack password. This method can be highly effective as 98% of passwords are made up of the 10,000 most common passwords.