In this awesome presentation, Monnappa explained the concept of Rootkits, types of Rootkits, Memory Forensics. He demonstrated various stealth techniques used by the TDSS Rootkit and showed how to identify its presence and understand its capabilities and various functionality using memory forensics. Presentation: Video Demo:
You are browsing archives for
Category: Memory Forensics
SecurityXploded 3rd Quarterly Meetup – 2
Here is the quick update and presentations from our recently concluded Third ‘SecurityXploded Cyber Security Quarterly Meetup’. In this meet, Sameer Patil delivered presentations on “Anatomy of Exploit Kits”, Satyam Saxena covered the topic on “Detecting the Malicious Url using Machine Learning” and Monnappa KA presented the topic on “Hunting the Gh0st RAT […]
SX 3rd Meetup – Hunting Ghost RAT Using
In this awesome presentation, Monnappa KA explained the details of Ghost RAT malware used in various Cyber Espionage attacks. He showcased the sandbox analysis, traffic pattern and decrypting the communications of Ghost RAT from packet capture. He also demonstrated both manual and automated method of detecting and decrypting the communications of Ghost RAT using memory […]
Announcing SecurityXploded 3rd Meetup –
This is an announcement for the upcoming SecurityXploded community meetup on 24th January 2015 in Bangalore, India. This meet is completely free and doesn’t require any registration or any other formalities to attend. The meet will start at 10 AM IST. After the meet, we will upload the presentations/videos for our online users to […]
Session 7: Malware Memory Forensics
This session will introduce you some tools and techniques for malware memory forensics. Check the reference section for more information.
Session 8 – Practical Reversing Part III
Memory forensics is itself a complete domain in malware analysis. It is a process to identify the artefacts of malwares into the system after the infection. It is a branch of investigation and allow people to calculate the damage and risk of an malicious event. Check the reference section for additional material.