SecurityTrainings

Posts in category Security Tools

SX 3rd Meetup – Hunting Ghost RAT Using Memory Forensics

In this awesome presentation, Monnappa KA explained the details of the Ghost RAT malware used in various cyber espionage attacks. He showcased sandbox analysis, the traffic pattern, and decryption of Ghost RAT communications from a packet capture. He also demonstrated both manual and automated methods of detecting and decrypting the communications of Ghost RAT using memory […]

SX 2nd Meetup – Reversing and Decrypting the Communications of APT Malware

In this awesome presentation, Monnappa explained the Etumbot malware used in a cyber espionage attack. He showcased sandbox analysis, reverse engineering, and decryption of the Etumbot backdoor's communications using practical video demonstrations.

References:
http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/
http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html

Session 11: (Part 2) Dissecting the HeartBeat APT RAT Features

This is an advanced session demonstrating various features of the HeartBeat APT RAT. Check out the reference section at the end of the presentation for more details.

Session 10: (Part 1) Reversing & Decrypting Communications of HeartBeat RAT

This session illustrates the secrets of the HeartBeat RAT by reversing and decrypting its internal communication mechanism.

Session 9: Malware Analysis using PyMal & Malpimp

PyMal and Malpimp are the two tools developed by us to accelerate the analysis process. This session demonstrates the use and purpose of both tools.

Session 5: Reverse Engineering Automation (Scripts, plugins etc.)

This is one of the most important sessions. We highly recommend using the tools and plugins discussed in this session. Check the reference section for more information.

Session 1: Detection and Removal of Malwares

This session will introduce you to some tools and tricks to identify and remove malware from an infected system. Check the reference section for more information.

Session 5 – Reverse Engineering Basics and Tool Guide

Some tools, like OllyDbg and IDA Pro, are a little complex and may not make much sense at first. The most important part of reverse engineering is to deeply understand your tools. 50% of success depends on the tools and the rest on your knowledge and experience. Check the help files (for example: OllyDbg […]

Session 3 – Windows PE File Format Basics

This session is one of the most important sessions of the entire course. The PE file format is the Windows executable file format, and a very good understanding of it will allow you to understand more advanced concepts such as packers, loaders, etc. Check the reference section for additional papers and books.

Session 1 – Reversing & Malware Analysis Lab Setup Guide

This session will guide you to prepare your lab for malware analysis. Don’t forget to check the reference links to download the tools.