Session 7: Malware Memory Forensics
This session covered the tools and techniques to perform malware memory forensics. Demo Video 1 – Malware Memory Forensics Demo Video 2 – Malware Memory Forensics
14
11
Session 6: Malware Sandbox Analysis
This presentation covered the process of automating the analysis of malware using the custom written sandbox Demo Video 1 – Sanbox Analysis of Spybot Demo Video 2 – Sandbox Analysis of Zbot Demo Video 3 – Sandbox Analysis of Prolaco
0
Session 2: Botnet Analysis – Part 1
This session will discuss some stealth techniques used by malwares and also demonstrates some rapid reversing techniques to accelerate the reversing tasks. Video Demo
2
Session 1: Detection and Removal of Malwares
This session will introduce you with some tools and tricks to identify and remove malwares from the infected system. [Note: View the video in 720HD quality] Demo Video 1 Demo Video 2 Demo Video 3 Demo Video 4
8
Session 12 – Case Study: Rootkit Analysis
This session covered the concept of rootkit and demonstrated some of the techniques used by the rooktits. Demo Video 1: Mader – SSDT Hooking Demo Video 2: Prolaco – Process Hiding using DKOM Demo Video 3: Darkmegi/waltrodock – Installs Device Driver Demo Video 4: Carberp – Syscall Patch and Inline Hooks
2
Session 11 – Practical Reversing Part VI – Exploit Development [advanced]
This session discussed some of the protections added by the operating system and processors to mitigate the exploitation, and also presented some ways to bypass those protections. DemoVideo 1: Heap Spray DemoVideo 2: Bypassing DEP
2
Session 10 – Practical Reversing Part V – Exploit Development [basic]
This session covered the basic techniques of exploitation, some of these techniques may not work on latest operating system due various protections added into them. But these techniques are very crucial to understand the basic nature of exploit Demo Video 1: EIP Overwrite Demo Video 2: SEH Overwrite
9
Session 9 – Practical Reversing Part IV – Basic & Advanced Malware Analysis
This session covered the concept of basic and advanced malware analysis. Video Demo Demo Video 1: Basic Malware Analysis Demo Video 2: Advanced Malware Analysis
10
Session 8 – Practical Reversing Part III – Malware Memory Forensics
Memory forensics is an investigation technique which involves examining the computer’s memory for forensic artifacts. This presentation covers the concept of memory forensics and shows how to perform memory forensics using an investigation scenario. Video Demo
2
Session 7 – Practical ReversingPart II – Unpacking Malware
In reverse engineering understanding cryptographic functions and packers are the two most challenging and sophisticated tasks. In real life virtually all malwares use some form of packing so understanding packing/unpacking is one of the most important task in malware analysis. Check the reference section for additional material. We highly recommend Lena151 (see reference) material for […]