Sunday, July 21, 2013

Practical Malware Analysis Chapter 1

This chapter was about basic static analysis. It went over tools to quickly analyze a Windows binary to see if it contains malware. Examples of the basic steps include: using VirusTotal to scan the binary against numerous AVs; checking the compile timestamp; using PEiD to see if the binary is packed; and using tools to inspect the PE headers for clues of malicious intent and packing.
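The following script is an added example, not code from the book or from this blog, that works through those same steps on a PE file: it hashes the file (the hashes are what you would look up on VirusTotal), reads the compile timestamp from the COFF header, walks the section table, and flags the common signs of packing (UPX section names, high section entropy, a section with virtual size but no raw data). The threshold of 7.0 bits per byte, the section-name list and the sample PE built by build_sample_pe are assumptions chosen for the demonstration; the sample is a constructed, non-loadable image whose headers are laid out like a real one, with a compile timestamp set to this post's date.

```python
import hashlib
import math
import random
import struct
import sys
from collections import Counter
from datetime import datetime, timezone

# Assumptions for this example: section names left behind by the UPX packer,
# and an entropy threshold above which data looks compressed or encrypted.
PACKER_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
HIGH_ENTROPY = 7.0  # bits per byte; random data approaches 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the data; packed/encrypted sections score near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_pe(data: bytes) -> dict:
    """Pull hashes, compile timestamp and section facts out of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image (missing MZ)")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp, symbol table
    # pointer and count, SizeOfOptionalHeader, Characteristics.
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size
    sections = []
    for i in range(nsections):
        # IMAGE_SECTION_HEADER: Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, ...
        name, vsize, _vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        raw = data[rawptr:rawptr + rawsize]
        sections.append({"name": name.rstrip(b"\0"), "virtual_size": vsize,
                         "raw_size": rawsize, "entropy": shannon_entropy(raw)})
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "machine": machine,
        "compile_time": datetime.fromtimestamp(timestamp, tz=timezone.utc),
        "sections": sections,
    }


def packing_indicators(info: dict) -> list:
    """Heuristic packing hints, the kind of thing PEiD and entropy tools report."""
    hints = []
    for s in info["sections"]:
        label = s["name"].decode("ascii", "replace")
        if s["name"] in PACKER_SECTION_NAMES:
            hints.append(f"section {label} has a UPX section name")
        if s["entropy"] >= HIGH_ENTROPY:
            hints.append(f"section {label} has high entropy ({s['entropy']:.2f} bits/byte)")
        if s["raw_size"] == 0 and s["virtual_size"] > 0:
            hints.append(f"section {label} has no raw data but {s['virtual_size']:#x} bytes of virtual size "
                         "(typical unpacking target)")
    return hints


def build_sample_pe(timestamp: int, sections: list) -> bytes:
    """Constructed minimal PE (DOS header, PE signature, COFF header, empty optional
    header, section table, raw data). Parseable for this demo, not loadable."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), timestamp, 0, 0, 0, 0x102)
    ptr = 64 + 4 + 20 + 40 * len(sections)  # raw data starts after the section table
    table, blobs = b"", b""
    for name, vsize, raw in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, 0x1000,
                             len(raw), ptr if raw else 0, 0, 0, 0, 0, 0x60000020)
        blobs += raw
        ptr += len(raw)
    return bytes(dos) + b"PE\0\0" + coff + table + blobs


# Constructed sample: a UPX-style layout (empty UPX0, high-entropy UPX1) plus a
# boring .text section, stamped with this post's date, 2013-07-21 00:00 UTC.
SAMPLE_TIMESTAMP = 1374364800
_rng = random.Random(1)
SAMPLE_SECTIONS = [
    (b"UPX0", 0x10000, b""),
    (b"UPX1", 0x1000, bytes(_rng.getrandbits(8) for _ in range(4096))),
    (b".text", 0x200, b"\x90" * 512 + b"hello"),
]


def analyze(data: bytes) -> dict:
    info = parse_pe(data)
    info["packing_hints"] = packing_indicators(info)
    return info


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(SAMPLE_TIMESTAMP, SAMPLE_SECTIONS)
    report = analyze(blob)
    print(f"md5    {report['md5']}\nsha256 {report['sha256']}")
    print(f"compiled {report['compile_time']:%Y-%m-%d %H:%M:%S} UTC, machine {report['machine']:#x}")
    for s in report["sections"]:
        print(f"  {s['name'].decode('ascii', 'replace'):8} raw={s['raw_size']:#x} vsize={s['virtual_size']:#x} "
              f"entropy={s['entropy']:.2f}")
    for h in report["packing_hints"]:
        print("  ! " + h)
```

Run it with no arguments to analyze the built-in sample, or pass a path to inspect a real file; a compile timestamp far in the future or past, or one that contradicts other metadata, is worth the same suspicion the chapter attaches to packed sections.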

The labs are fun and give practical, hands-on exercise. There are tons of books out there, but the best ones give labs or some kind of practice. The labs go from easy to hard, and the solutions in the back are verbose, so you know what you missed and how to solve the questions.

Really loving this book so far and am taking my time to really learn the material.

Monday, July 15, 2013

A Dive Into Malware

I don't understand why companies continually remove social-engineering and client-side attacks from scope. I think it's great that companies are getting their applications and external networks pentested, but attackers are and have always been getting into companies. How? By having your employees run malware on their machines.

0-days are great. They also aren't the most used method of gaining access to your system. In my personal experience, I've almost ALWAYS had a user run benign 'malware' just as a proof of concept. Because of this, I think I'm going to start and jump into malware development and analysis. Humans are stupid, and I'll exploit that.

I'm going to start by reading http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901. Really looking forward to this read and the hands-on labs. I also hope to come up with all types of malware examples to use on a pentest. If I don't ever use them but you do (legally), please share with me your experiences and let me taste your victories.

Note: This is a random blog post. Mostly a reminder for me why I'm doing this again.