A number of devices are running Linux due to its flexibility and open source nature. This has made Linux platform the target for malware attacks, so it becomes important to analyze the Linux malwares. Today, there is a need to analyze Linux malwares in an automated way to understand its capabilities. Limon is a sandbox […]
A number of devices are running Linux due to its flexibility and open source nature. This has made Linux platform the target for malware attacks, so it becomes important to analyze the Linux malwares. Today, there is a need to analyze Linux malwares in an automated way to understand its capabilities. Limon is a sandbox […]
Many times while doing memory analysis (or malware analysis) an analyst would be presented with lots of data and analyst has to manually find the malicious artifacts from that data which takes time and effort. This tool helps in solving that problem by comparing the results between the clean and infected memory images. This tool […]
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools. Limon […]
In this meet, Adarsh Agarwal delivered presentation on “Understanding Cryptolocker (Ransomware) with a Case study”, Satyam Saxena covered the topic on “Malicious Client Detection using Machine Learning”, Abhinav Chourasia presented on “Buffer Overflow Attacks”, Anirudh Duggal presented on “Fingerprinting Healthcare Institutions” and Monnappa K A presented on the topic “Reversing and Investigating Malware Evasive Tactics […]
In this presentation, Monnappa explained the concept of code injection and hollow process injection. He demonstrated the working of hollow process injection using reverse engineering and showed how such infections can be detected and investigated using memory forensics Presentation: Demo 1 – Understanding Hollow Process Injection Using Reverse Engineering: Demo 2 – Investigating […]
In this presentation, Anirudh Duggal covered the techniques used to fingerprint vulnerable hospitals and healthcare infrastructure using web based tools. He also explained the potential attack points and the measures that can be taken to secure such infrastructure. Presentation:
In this presentation, Abhinav chourasia covered the concept of Buffer Overflow and he also demonstrated how one can exploit a vulnerable application and take control of a system and execute arbitrary commands on the system Presentation:
In this presentation, Satyam Saxena talked about features that can be used to detect DGA domains and he also covered how Whois information and passive dns data can be used to build model to detect the infected systems Presentation:
In this presentation, Adarsh Agarwal covered the the infection mechanism of Ransomwares, different variants of Ransomwares, differences between the variants, anatomy of ransomwares, timeline of the Ransomware infections since jan 2016 and the case study of TeslaCrypt V2 Presentation: