Explore an automated approach to Linux malware analysis using the Limon sandbox in this 56-minute Black Hat conference talk. Delve into the growing importance of analyzing Linux malware due to the platform's increasing popularity and vulnerability to attacks. Learn how Limon, a Python-based research project, automates the collection, analysis, and reporting of Linux malware runtime indicators. Discover how this open-source tool performs static, dynamic, and memory analysis, allowing for comprehensive inspection before, during, and after malware execution. Gain insights into Limon's capabilities, including ELF binary characterization, controlled environment analysis, process activity monitoring, and artifact storage for post-mortem analysis. Understand the implementation details of the sandbox and witness a video demonstration showcasing the analysis of real-world Linux malware samples using Limon.
Overview
Syllabus
Automating Linux Malware Analysis Using Limon Sandbox
Taught by
Black Hat