4th Meetup -Return Address – The silver bullet
In this awesome presentation, Amit Malik discussed about the importance of return address in solving some of the problems related to analysis and detection of the malicious codes. Presentation:
In this awesome presentation, Amit Malik discussed about the importance of return address in solving some of the problems related to analysis and detection of the malicious codes. Presentation:
In this awesome presentation, Raghav Pande explained the concept of public protections and showed how public exploit mitigation toolkits are not enough to protect from a targeted attack as well as how easy it is to evade all public protections. Presentation:
In this awesome presentation, Subrat Sarkar explained the concepts of Windows logon mechanism, Windows Logon architecture, Windows credential provider and showed how an attacker can take advantage of credential provider to steal Windows password in plain text and how to find and mitigate this issue. Presentation:
In this meet, Sameer Patil delivered presentations on “Anatomy of Exploit Kits”, Satyam Saxenacovered the topic on “Detecting the Malicious Url using Machine Learning” and Monnappa KApresented the topic on “Hunting the Gh0st RAT cyber espionage malware using Memory Forensics”. Here is the link to presentations and video demonstrations: 1. Anatomy of Exploit Kits […]
In this awesome presentation, Monnappa KA explained the details of Ghost RAT malware used in various Cyber Espionage attacks. He showcased the sandbox analysis, traffic pattern and decrypting the communications of Ghost RAT from packet capture. He also demonstrated both manual and automated method of detecting and decrypting the communications of Ghost RAT using memory […]
In this awesome presentation, Satyam Saxena explained the concept of detecting malicious urls using machine learning.The presentation mainly focused on using various infrastructure based features of an url, to design a machine learning system which can automatically predict the probability of its maliciousness. Presentation:
In this awesome presentation, Sameer Patil explained the concept of Exploit Kits and its working with some interesting case studies. He also covered various phases of exploitation and demonstrated the analysis of Nuclear and Fiesta exploit kits. Presentation: Video Demo 1: Video Demo 2:
In this meet, Raghav Pande and Monnappa delivered fabulous presentations on reverse engineering the evasive tactics of advanced malwares. Here is the link to presentations and video demonstrations: 1. Dissecting BetaBot 2. Reversing and Decrypting the Communications of APT Malware Here are the few snapshots from the session
In this awesome presentation, Monnappa explained about Etumbot malware used in a Cyber Espionage attack. He showcased the sandbox analysis, Reverse engineering and Decrypting the communications of Etumbot Backdoor using practical video demonstrations. Presentation: Video Demo 1: Video Demo 2: Video Demo 3: References: http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html
In this presentation, Raghav Pande explained various self defending mechanisms of BetaBot. He also presented unpacking, hooking and injection methods of this malware using illustrative screenshots. Presentation: