Limon Sandbox for Analyzing Linux Malwares

A number of devices are running Linux due to its flexibility and open source nature. This has made the Linux platform a target for malware attacks, so it has become important to analyze Linux malware. Today, there is a need to analyze Linux malware in an automated way to understand its capabilities. Limon is a sandbox […]

Limon Linux Sandbox

A number of devices are running Linux due to its flexibility and open source nature. This has made the Linux platform a target for malware attacks, so it has become important to analyze Linux malware. Today, there is a need to analyze Linux malware in an automated way to understand its capabilities. Limon is a sandbox […]

Linux Mem Diff Tool

Many times while doing memory analysis (or malware analysis), an analyst is presented with lots of data and has to manually find the malicious artifacts in that data, which takes time and effort. This tool helps solve that problem by comparing the results between the clean and infected memory images. This tool […]

Setting up Limon Sandbox for Analyzing Linux Malwares

Limon is a sandbox developed as a research project, written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools. Limon […]

7th Quarterly Meetup – 28th May 2016

In this meet, Adarsh Agarwal delivered a presentation on “Understanding Cryptolocker (Ransomware) with a Case study”, Satyam Saxena covered the topic “Malicious Client Detection using Machine Learning”, Abhinav Chourasia presented on “Buffer Overflow Attacks”, Anirudh Duggal presented on “Fingerprinting Healthcare Institutions” and Monnappa K A presented on the topic “Reversing and Investigating Malware Evasive Tactics […]

7th Meetup – Reversing and Investigating Malware Evasive Tactics – Hollow Process Injection

In this presentation, Monnappa explained the concept of code injection and hollow process injection. He demonstrated the working of hollow process injection using reverse engineering and showed how such infections can be detected and investigated using memory forensics. Presentation: Demo 1 – Understanding Hollow Process Injection Using Reverse Engineering: Demo 2 – Investigating […]