In this presentation, Monnappa explained the concept of code injection and hollow process injection. He demonstrated the working of hollow process injection using reverse engineering and showed how such infections can be detected and investigated using memory forensics Presentation: Demo 1 – Understanding Hollow Process Injection Using Reverse Engineering: Demo […]
Here is the quick update and presentations from our recently concluded Third ‘SecurityXploded Cyber Security Quarterly Meetup’. In this meet, Sameer Patil delivered presentations on “Anatomy of Exploit Kits”, Satyam Saxena covered the topic on “Detecting the Malicious Url using Machine Learning” and Monnappa KA presented the topic on “Hunting the Gh0st RAT […]
Here is the quick update and presentations from our recently concluded Second ‘SecurityXploded Quarterly Meet’. In this meet, Raghav Pande and Monnappa delivered fabulous presentations on reverse engineering the evasive tactics of advanced malwares and SecurityXploded Team announced the launch of a new project – MalwareNet – crowd based Malware Intelligence and Analysis […]
In this second quarterly meetup, SecurityXploded Team announced the launch of a new project – MalwareNet – Malware Intelligence and Analysis network . Below is the presentation described the various components of the project, Take a fresh look here,
In this awesome presentation, Monnappa explained about Etumbot malware used in a Cyber Espionage attack. He showcased the sandbox analysis, Reverse engineering and Decrypting the communications of Etumbot Backdoor using practical video demonstrations. Presentation: Video Demo 1: Video Demo 2: Video Demo 3: References: http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html
In this presentation, Raghav Pande explained various self defending mechanisms of BetaBot. He also presented unpacking, hooking and injection methods of this malware using illustrative screenshots. Presentation:
