Setup a VM to use for analyzing malware

Presentation transcript:

Assignment 5: Questions, challenges, and programs demonstrating the following (due in 1 week)

- Set up a VM to use for analyzing malware
  - What features do you need to disable to ensure that the malware cannot
    - Cause damage
    - Propagate
    - Detect it is running on a VM
  - Set it up so you can quickly restore it to a pristine state after the analysis
- Write a simple virus that infects executables
  - Example: Change the functionality of a binary to print “I am a virus” along with its normal output
- The Metasploit framework includes scripts that generate and encode shellcode
  - http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2
  - msfpayload generates payloads
  - msfencode by default uses the x86/shikata_ga_nai encoder
  - More encoders in directory modules/encoders/
  - Can you embed and invoke shellcode from a program?
  - Can you obtain the original shellcode by single-stepping through the encoder?
- Set up a challenge where you have to pack and unpack binaries
  - Automatically, using a well-known packer and tools
  - Manually, by using a debugger to step through the unpacking process and extract the actual code
- Feel free to google for programming and analysis challenges
- Don’t get infected
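Before stepping through an unpacker in a debugger, the first static check on the pack/unpack challenge binaries is per-section Shannon entropy: compressed or encrypted sections sit close to 8 bits per byte, while plain code and strings stay well below that. This example is added here and is not part of the slide; the section contents are constructed stand-ins (seeded random bytes play the role of a packed section), not real binaries.

```python
import math
import random
from collections import Counter

# Heuristic threshold: compressed/encrypted data approaches 8 bits per byte;
# ordinary x86 code, strings and zero-filled regions usually stay below 7.
PACKED_ENTROPY_THRESHOLD = 7.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte over the buffer (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def classify_sections(sections: dict[str, bytes]) -> dict[str, str]:
    """Label each section 'likely packed' or 'plain' from its entropy."""
    labels = {}
    for name, data in sections.items():
        h = shannon_entropy(data)
        labels[name] = "likely packed" if h >= PACKED_ENTROPY_THRESHOLD else "plain"
    return labels


def build_sample_sections() -> dict[str, bytes]:
    """Constructed sample sections (not taken from any real file)."""
    rng = random.Random(1)  # fixed seed so the result is reproducible
    return {
        # Repetitive printable text, as an unpacked .rdata might look
        ".rdata": b"This program cannot be run in DOS mode.\r\n" * 100,
        # Zero-filled region, as in an uninitialised-data section
        ".bss": b"\x00" * 4096,
        # High-entropy blob standing in for a compressed packer section
        "UPX1": rng.randbytes(4096),
    }


if __name__ == "__main__":
    for name, label in classify_sections(build_sample_sections()).items():
        print(f"{name:8s} {label}")
```

Run the same classifier over the real sections (for example via a PE/ELF parsing library) to decide which binaries from the challenge need manual unpacking in the debugger.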