Windows Console Monitoring

This is a demonstration of how to monitor the Windows console (starting from Windows 8). The concept is based on the two-part article series on the FireEye blog, but the source code wasn't released, so I decided to write a POC of my own. Let me know if you want some more features.

The two-part FireEye blog series can be viewed here:

https://www.fireeye.com/blog/threat-research/2017/08/monitoring-windows-console-activity-part-one.html

https://www.fireeye.com/blog/threat-research/2017/08/monitoring-windows-console-activity-part-two.html

GitHub:

WinConMon

Demo

Windows 10 x64-2017-09-09-13-55-54
