Length: 39 minutes
Released: Dec 8, 2014
Format: Podcast episode
Description
Tyler Hudak (@secshoggoth) joined us to discuss the process of analyzing malware binaries. We talk about MASTIFF, his automated static malware analysis framework. We also discuss how to extract information from a malware program's executable headers (PE and ELF), and the software that is used to analyze it safely.
Helpful Links:
IDA Pro: https://www.hex-rays.com/products/ida/
Process Monitor: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
MASTIFF white paper: http://digital-forensics.sans.org/blog/2013/05/07/mastiff-for-auto-static-malware-analysis
MASTIFF latest release: http://sourceforge.net/projects/mastiff/files/mastiff/0.6.0/
Cuckoo Sandbox: www.cuckoosandbox.org
Anubis: https://anubis.iseclab.org/
PE headers: http://en.wikipedia.org/wiki/Portable_Executable
ELF: http://fr.wikipedia.org/wiki/Executable_and_Linkable_Format
REMnux (reverse engineering Linux distro): https://remnux.org/
INetSim: http://www.inetsim.org/
Intro "Private Eye", transition "Mining by Moonlight", and outro "Honeybee" created by Kevin MacLeod (incompetech.com), licensed under Creative Commons: By Attribution 3.0, http://creativecommons.org/licenses/by/3.0/