
Cyber Security with Amit Malik – Episode 2 – Macro Code De-obfuscation using Vbscript Debugger

Audience Level: Internet user, Mid-level Analyst. Prerequisite: Programming Language. Introduction: Obfuscation: https://en.wikipedia.org/wiki/Obfuscation_(software) Infection Method: Malicious documents are mostly delivered through email campaigns. The attacker sends a tailored email to the victim with a malicious attachment or a malicious web link. Once the victim opens the malicious document, it will download the […]


APITracker – Windows API Tracing tool

APITracker is a major update to our tool Malpimp. It follows the same methodology for hooking and reporting but with an enhanced feature set and more stable logging options. New to APITracker: 1. Server Logging: APITracker can send the API logs to a remote server, so you don’t have to worry about ransomware etc. 2. Parameters: APITracker […]


Detecting Malicious Processes Using Psinfo Volatility Plugin

In the previous post we looked at the HollowFind Volatility plugin and saw how it can detect different process hollowing techniques and display those malicious processes which are victims of process hollowing. In this post let’s look at another Volatility plugin called Psinfo. This plugin is similar to the HollowFind plugin, but instead of identifying the […]


8th Quarterly Meetup – 17th September 2016

In this meet, Ajay Pratap Singh delivered a presentation on “Attacking and Crashing IoT Devices via Bluetooth LE protocol”, Monnappa K A presented on “Investigating Malware using Memory Forensics” and “Understanding APT1 malware techniques using malware analysis and reverse engineering”, Ajithkumar V presented on “Elliptic curve cryptography”, Abhishek J M presented on “Dissecting Android APK”, Amit Malik presented on “EMET evasion […]