Automated Extraction of Configuration and Payloads from Sophisticated Malware

Automated Extraction of Configuration and Payloads from Sophisticated Malware

44CON Information Security Conference via YouTube Direct link

Import Reconstruction

9 of 20

9 of 20

Import Reconstruction

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Automated Extraction of Configuration and Payloads from Sophisticated Malware

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 A bit of background..
  3. 3 Malware Obfuscation
  4. 4 Manual Approach
  5. 5 Automated Analysis
  6. 6 Techniques & tools from manual analysis
  7. 7 Debugger
  8. 8 Dumper
  9. 9 Import Reconstruction
  10. 10 CAPE Walkthrough Demo Plug
  11. 11 DLL Side loading
  12. 12 Extracting/loading modules in memory
  13. 13 Process injection: Shellcode or DLL
  14. 14 Process Hollowing (RunPE)
  15. 15 Executable Packers/Custom Crypto
  16. 16 Current Coverage
  17. 17 CAPE Extensibility
  18. 18 How do you make a package? CAPE API
  19. 19 Config Parsing
  20. 20 CAPE Resources

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.