Presentation is loading. Please wait.

Presentation is loading. Please wait.

Setup a VM to use for analyzing malware

Published byHinrich Fromm Modified over 5 years ago

Similar presentations

Presentation on theme: "Setup a VM to use for analyzing malware"— Presentation transcript:

1 Assignment 5: Questions, challenges, and programs demonstrating the following (due in 1 week)
Setup a VM to use for analyzing malware What features do you need to disable to ensure that the malware cannot Cause damage Propagate Detect it is running on a VM Set it up so you can quickly restore it to a pristine state after the analysis Write a simple virus that infects executables Example: Change the functionality of a binary to print “I am a virus” along with its normal output” The metasploit framework includes scripts that generate and encode shellcode msfpayload generates payloads msfencode by default uses the x86/shikata_ga_na encodes More encoders in directory modules/encoders/ Can you embed and invoke shellcode from a program? Can you obtain the original shellcode by single-stepping through the encoder? Setup a challenge where you have to pack and unpack binaries Automatically, using a well-known packer and tools Manually, by using a debugger to step through the unpacking process and extract the actual code Feel free to google for programming and analysis challenges Don’t get infected

Download ppt "Setup a VM to use for analyzing malware"

Similar presentations

OpalisRobot™ Demonstration www.opalis.com. Actual Run Book Procedure Actual Data center Run Book Procedure documenting for Level 1 staff how to both VERIFY.

OpalisRobot™ Demonstration Actual Run Book Procedure Actual Data center Run Book Procedure documenting for Level 1 staff how to both VERIFY.
Web application security

Web application security
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 Metasploit Payloads and Antivirus Mark Baggett December 2008 GIAC GSEC GCIH.

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Metasploit Payloads and Antivirus Mark Baggett December 2008 GIAC GSEC GCIH.
JUnit. What is unit testing? A unit is the smallest testable part of an application. A unit test automatically verifies the correctness of the unit. There.

JUnit. What is unit testing? A unit is the smallest testable part of an application. A unit test automatically verifies the correctness of the unit. There.
CS 225 Lab #2 - Pointers, Copy Constructors, Destructors, and DDD.

CS 225 Lab #2 - Pointers, Copy Constructors, Destructors, and DDD.
Terms: Test (Case) vs. Test Suite

Terms: Test (Case) vs. Test Suite
Unit Testing & Defensive Programming. F-22 Raptor Fighter.

Unit Testing & Defensive Programming. F-22 Raptor Fighter.
Dr. XiaoFeng Wang AGIS: Towards Automatic Generation of Infection Signatures Zhuowei Li 1,3, XiaoFeng Wang 1, Zhenkai Liang 4 and Mike Reiter 2 1 Indiana.

Dr. XiaoFeng Wang AGIS: Towards Automatic Generation of Infection Signatures Zhuowei Li 1,3, XiaoFeng Wang 1, Zhenkai Liang 4 and Mike Reiter 2 1 Indiana.
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
MIS 5212.001 Week 2 Site:

MIS Week 2 Site:
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.

CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.
Virus Detection Mechanisms Final Year Project by Chaitanya kumar CH K.S. Karthik.

Virus Detection Mechanisms Final Year Project by Chaitanya kumar CH K.S. Karthik.
1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.

1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.
Hands on with BackTrack Information gathering, scanning, simple exploits By Edison Carrick.

Hands on with BackTrack Information gathering, scanning, simple exploits By Edison Carrick.
Executable Unpacking using Dynamic Binary Instrumentation Shubham Bansal (iN3O) Feb 2015 UndoPack 1.

Executable Unpacking using Dynamic Binary Instrumentation Shubham Bansal (iN3O) Feb 2015 UndoPack 1.
Unit Testing with JUnit and Clover Based on material from: Daniel Amyot JUnit Web site.

Unit Testing with JUnit and Clover Based on material from: Daniel Amyot JUnit Web site.
Eureka: A Framework for Enabling Static Malware Analysis the 13 th European Symposium on Research in Computer Security (ESORICS) conference 2008 WANG Zhi.

Eureka: A Framework for Enabling Static Malware Analysis the 13 th European Symposium on Research in Computer Security (ESORICS) conference 2008 WANG Zhi.

Similar presentations

Ads by Google