9th Meetup – Deep Web – what to do and what not to do
In this meet, Ajay Kumar delivered presentation on “Deep Web – what to do and what not to do ”
In this meet, Abhijit Mohanta delivered presentation on “Malware Detection using Machine Learning ”
Introduction Lately a lot of my clients have raised queries about getting legitimate access to virtual accounts and e-properties of their deceased loved ones. Analyzing these queries, I intend to explain the complexity and the solution to simplify the legal and practical issues that emanate, in the form of a virtual property will. In today’s world […]
Psinfo is a Volatility plugin which collects process-related information from the VAD (Virtual Address Descriptor) and PEB (Process Environment Block) and displays the collected information and suspicious memory regions for all the processes running on the system. This plugin should allow a security analyst to get the process-related information and spot any […]
Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect and divert forensic analysis techniques. The plugin detects such attacks by finding discrepancies between the VAD and PEB; it also disassembles the code at the entry point address to detect any redirection attempts and […]
This is an announcement for the upcoming Cysinfo cyber security community meetup on 19th November 2016 in Bangalore, India. This meet is completely free and doesn’t require any registration or other formalities to attend. The meet will start at 9:30 AM IST. Venue: Amrita University (Amrita Vishwa Vidyapeetham) Bengaluru Campus Kasavanahalli, Carmelaram P.O. […]
Video: Text: Audience Level: Internet user, Mid-level Analyst Prerequisite: Programming Language Introduction: Obfuscation: https://en.wikipedia.org/wiki/Obfuscation_(software) Infection Method: Malicious documents are mostly delivered through email campaigns. The attacker sends a tailored email to the victim with a malicious attachment or a malicious web link. Once the victim opens the malicious document it will download the […]
APITracker is a major update to our tool Malpimp. It follows the same methodology for hooking and reporting but with an enhanced feature set and more stable logging options. New to APITracker: 1. Server Logging: APITracker can send the API logs to a remote server, so you don’t have to worry about ransomware, etc. 2. Parameters: APITracker […]
Video Link: Text: Audience Level: Beginner, Internet user Prerequisite: Python programming language Introduction: This week I will discuss macro analysis, since macros are one of the top threats today for compromising/infecting endpoint machines. These days macro-based downloaders download ransomware, POS malware and other banking trojans, so the investigation of […]
In the previous post we looked at the HollowFind Volatility plugin and saw how it can detect different process hollowing techniques and display the malicious processes that are victims of process hollowing. In this post let’s look at another Volatility plugin called Psinfo. This plugin is similar to the hollowfind plugin, but instead of identifying the […]