When we analyse malwares we don’t have the source code. So in order to understand their logics we have to debug binaries (i.e. compiled form of source code like .exe, .dll etc.). In debugging we need to understand assembly of the program to build a high level logic. In short without assembly language you can’t reverse engineer an application. Check the reference links for additional material.
In this awesome presentation, Raghav Pande explained the concept of public protections and showed how public exploit mitigation toolkits are not enough to protect from a targeted attack as well as how easy it is to evade all public protections. Presentation:
In this awesome presentation, Subrat Sarkar explained the concepts of Windows logon mechanism, Windows Logon architecture, Windows credential provider and showed how an attacker can take advantage of credential provider to steal Windows password in plain text and how to find and mitigate this issue. Presentation:
In this awesome presentation, Amit Malik discussed about the importance of return address in solving some of the problems related to analysis and detection of the malicious codes. Presentation:
No Comments Yet