Alternate Data Streams

Alternate Data Streams (ADS) in the NTFS file system allow data to be hidden within regular files—making them a powerful yet often exploited feature in Windows environments. In this guide, uncover how ADS in Windows works, why it poses a serious cybersecurity risk for IT teams, and how attackers use data hiding in Windows files to compromise systems. Learn how to detect ADS using tools like Sysinternals Streams, PowerShell commands, and advanced forensic tools for NTFS.

Read the full blog on Alternate Data Streams: An Overview

Never miss a NinjaOne video!

in this video
    ×

    Voir NinjaOne en action !

    En soumettant ce formulaire, j'accepte la politique de confidentialité de NinjaOne.

    Never miss a video!