Advanced Malware Analysis Training Session 5 – Reversing Automation

Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and  our advanced malware analysis session on Reversing Automation


This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.


 

Presentation was from Harsimran but due to last minute commitments, Amit has to deliver it.  In this descriptive session, Amit explained various automation techniques covering pefile, pydbg, IDAPython scripts.  He also showed demo of ExeScan and Malpimp tools.

This presentation is available at our Security Presentations page. Demo Videos for all the sessions are available on Security Training Videos page.

 

We extend special thanks to Harsimran/Amit Malik for this special session in a hot summer !

 

Stay tuned to our next and yet another exciting training session !

Similar posts
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]
  • Detailed Overview and Internals of PE... A win32 portable executable(PE) file consists of: DOS Header, PE Header, Section Table, Sections. Analyzing a PE file gives us a lot of information like the address in memory where the file will be located (ImageBase), address of entry point, imported and exported functions, packed or unpacked etc. Thus this static analysis can indicate whether [...]
  • SEH Exploitation to Get Shell Access   Structured Exception Handling is a mechanism for handling both hardware and software exceptions in Windows OS. Structured exception handling enables us to have complete control over the handling of exceptions and it also provides support for debuggers as well. SEH exploitation is based on stack buffer overflow technique. It becomes easy to exploit a [...]

Leave a Reply

Our Company

Follow us on Facebook


Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list