Mining VirusTotal for Operational Data and Applying Quality Control on the Obtained Results.
Wall of Sheep, 2016
Gita Ziabari
© Fidelis Cybersecurity
Agenda
- When is automation needed?
- Techniques to automate the processing of mined malware data.
- Introducing Yalda
- Overview of the algorithm.
- Stats of the data obtained by Yalda.
- Demo.
- GitHub link to get the tool for free!
- How to use the tool.
Introducing Zagros!
Zagros
- Makes it possible to get the latest malicious hashes and URLs seen in the wild with a minimum of false positives.
- Can lead to organized research analysis based on malware type, malware name and malware family.
- Great source for feeding a Cuckoo sandbox.
- Determines the strength of your device in detecting malicious data.
- Performance testing tool.
- Zagros is not an antivirus tool!
VT Data Mining
- Mining Hashes
  - Live File Feed
  - VTI Search
  - VT Cluster
  - VT Report
  - Download Files
- Mining URLs
  - Live URL Feed
Mining Hashes
What to look for in the VT file feed report?
- Hashes
- Positives
- Scans
Hashes
- md5
- sha256
- sha1
Positives
- Indicates the total number of antivirus engines that detected the hash as malicious.
Scans
- AV Engine Score
- Malware Type Score
AV Engine Score
AV Engine Score Mapping
- Score AV engines based on your priorities and level of interest.
Total AV Engine Score
AV Engine   Score
Microsoft   3
AVG         1
Total AV Engine Score: 4
Malware Type Severity
Malware Type   Severity Score
WORM           3
VIRUS          3
TROJWARE       3
EXPLOIT        3
ADWARE         1
BOT            1
RANSOMWARE     5
ROOTKIT        4
RISKWARE       2
MALWARE        2
HOAX           1
POS            4
SPYWARE        2
Hash Threat Score
Total AV Score and Malware Type Score together give the Hash Threat Score.
Malicious Hash
A hash is selected as malicious based on its Positives, Malware Type Score and AV Score.
Storing Obtained Hashes
- CSV files
  - High scored hashes
  - Mid scored hashes
- MongoDB
  - Database: zagros
  - Collection: zagros_hashes
Example of Obtained Hashes in MongoDB
- "_id" : ObjectId("57a124d89bf13c5985c493cd"),
- "Indicator" : "b772a1a03984c18b00eae4da49d6e7b8",
- "IngestTime" : "2016-08-02T18:55:20.177502",
- "Attributes" :
  - "malware_type" : "ADWARE",
  - "malware_name" : <malware_name>,
  - "hash_type" : "high_scored",
  - "severity" : 1,
  - "sha256" : "3312f7c6cacae837647ca68247f98c0b19a3ff7c93063ead77e7a0390f73c574"
- "Type" : "hash"
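Added example (not the Zagros project's own code) that walks the hash scoring of the preceding slides: detecting engines are weighted with the Microsoft/AVG mapping, the malware type is looked up in the severity table, both scores are combined into a Hash Threat Score, and a selected hash is shaped like the zagros_hashes document above. Summing the two scores, the keyword table that maps detection names to malware types, the high/mid thresholds and the sample report are assumptions made here.

```python
"""Hash Threat Score and zagros_hashes document shaping (added example, not
the Zagros project's code). Assumed, because the slides do not say: Hash
Threat Score = Total AV Engine Score + Malware Type Score; the malware type
is the most severe type any detecting engine named; thresholds and the
name-to-type keyword table are constructed here."""
import re
from datetime import datetime, timezone

# "AV Engine Score Mapping" slide: Microsoft 3, AVG 1. Engines not listed
# weigh 0, so only the engines you prioritise move the score.
AV_ENGINE_WEIGHT = {"Microsoft": 3, "AVG": 1}

# "Malware Type Severity" slide, verbatim.
MALWARE_TYPE_SEVERITY = {
    "WORM": 3, "VIRUS": 3, "TROJWARE": 3, "EXPLOIT": 3, "ADWARE": 1,
    "BOT": 1, "RANSOMWARE": 5, "ROOTKIT": 4, "RISKWARE": 2, "MALWARE": 2,
    "HOAX": 1, "POS": 4, "SPYWARE": 2,
}

# Constructed: the first regex matching the detection name picks the type.
# Ordered so "Trojan-Ransom.*" lands on RANSOMWARE rather than TROJWARE.
TYPE_PATTERNS = [
    (r"ransom", "RANSOMWARE"), (r"rootkit", "ROOTKIT"), (r"spy", "SPYWARE"),
    (r"worm", "WORM"), (r"exploit", "EXPLOIT"), (r"adware", "ADWARE"),
    (r"hoax", "HOAX"), (r"\bpos\b", "POS"), (r"riskware|pup", "RISKWARE"),
    (r"\bbot", "BOT"), (r"troj", "TROJWARE"), (r"virus", "VIRUS"),
]

HIGH_SCORE, MID_SCORE = 6, 3   # constructed thresholds for hash_type


def malware_type_of(detection_name):
    """Map an engine's detection name onto one of the slide's malware types."""
    for pattern, mtype in TYPE_PATTERNS:
        if re.search(pattern, detection_name, re.IGNORECASE):
            return mtype
    return "MALWARE"          # generic fallback, severity 2 on the slide


def detecting_engines(report):
    """(engine, detection name) for every engine whose scan flagged the hash."""
    return [(engine, scan.get("result") or "")
            for engine, scan in report.get("scans", {}).items()
            if scan.get("detected")]


def av_engine_score(report):
    """Total AV Engine Score: the weights of the detecting engines, summed."""
    return sum(AV_ENGINE_WEIGHT.get(e, 0) for e, _ in detecting_engines(report))


def malware_type_score(report):
    """(type, severity, detection name) of the most severe type named by any
    detecting engine; (None, 0, "") when no engine detected anything."""
    best = (None, 0, "")
    for _, name in detecting_engines(report):
        mtype = malware_type_of(name)
        if MALWARE_TYPE_SEVERITY[mtype] > best[1]:
            best = (mtype, MALWARE_TYPE_SEVERITY[mtype], name)
    return best


def hash_threat_score(report):
    return av_engine_score(report) + malware_type_score(report)[1]


def hash_class(report):
    """'high_scored', 'mid_scored', or None when the hash is not selected."""
    if report.get("positives", 0) < 1:
        return None
    score = hash_threat_score(report)
    if score >= HIGH_SCORE:
        return "high_scored"
    return "mid_scored" if score >= MID_SCORE else None


def to_zagros_document(report, ingest_time=None):
    """Shape a selected hash like the zagros_hashes example on the slide;
    MongoDB adds _id on insert. Returns None for hashes not selected."""
    hash_type = hash_class(report)
    if hash_type is None:
        return None
    mtype, severity, name = malware_type_score(report)
    when = ingest_time or datetime.now(timezone.utc).replace(tzinfo=None)
    return {
        "Indicator": report["md5"],
        "IngestTime": when.isoformat(),
        "Attributes": {"malware_type": mtype, "malware_name": name,
                       "hash_type": hash_type, "severity": severity,
                       "sha256": report["sha256"]},
        "Type": "hash",
    }


# Constructed report in the shape of a VT v2 file report (md5/sha1/sha256,
# positives, scans); the hashes are placeholders, not a real sample.
SAMPLE_REPORT = {
    "md5": "0" * 32, "sha1": "0" * 40, "sha256": "0" * 64,
    "positives": 2, "total": 3,
    "scans": {
        "Microsoft": {"detected": True, "result": "Trojan:Win32/Example.A"},
        "AVG": {"detected": True, "result": "Win32/Adware.Example"},
        "OtherAV": {"detected": False, "result": None},
    },
}

if __name__ == "__main__":
    print(hash_threat_score(SAMPLE_REPORT), to_zagros_document(SAMPLE_REPORT))
```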
Live File Feed
- Get the latest hashes being submitted to VT in real time.
- More than 2 million hashes get evaluated on a daily basis by Zagros and only ~300k get selected.
- 20% get mined by Zagros.
- Execute the script once and it will stay in sync with VT every minute!
- virustotal_data_mining_file.py
VTI Search
- Search on file type, file size, positives, malware type, behavior, ...
- 60% of the given hashes are added to the database.
- Execute the script on an hourly basis.
- virustotal_data_mining_vti_search.py
VT Clustering
- Get clustered data from VT.
- PE, PDF, DOC and RTF files.
- 35% of the given hashes are added to the database.
- Run the script on a daily basis to get the hashes clustered the day before.
- virustotal_data_mining_clustered_hashes.py
Expand the Search
- Get the list of the latest hashes mined by Zagros.
- Search for similar-to hashes.
- Execute the script on an hourly basis.
- 24% of the given hashes are added to the database.
- virustotal_data_mining_file_similar_to.py
Stats
(Bar chart, y axis 0 to 3,500,000: number of hashes per source, VT versus Zagros, for Live File Feed, VT search, Clustering, Similar-to and Total.)
Download and Extract Embedded Files
- Get the list of malicious hashes from the Zagros database.
- Download the files from VT.
- Extract the embedded files from them.
- virustotal_data_mining_download_files.py
Example
Hash 2abba92528a361f01f86713473566779 with embedded files of type png, gif, dll, exe and bmp extracted from it.
Malicious Extracted Files
Sandbox Analysis
- Copies itself to AppData\Local\Temp.
- Begins using FindFirstFile and opening files.
- Reads each file before overwriting it with the virus.
- Opens the file to infect for writing.
- Writes the virus code to the file along with the string 'visua'.
- Writes the original file.
- It appears to attempt to infect all files, not just exe files.
Mining URLs
What to look for in the VT URL feed report?
- URL
- Positives
- AV Engine
- Additional Info
Additional Information
Scoring HTTP Response
HTTP Response   Score
200             2
100             1
403             1
404             1
Rest            0
Scoring Categories
Category                        Score
blogs                           1
uncategorized                   0
malicious web sites             4
suspicious content              1
business                        0
parked                          0
phishing and other frauds       5
business and economy            0
travel                          0
Bot networks                    4
Parked domain                   0
computers and software          0
health                          0
hacking                         5
Not recommended site            3
Elevated exposure               2
Proxy avoidance                 2
potentially unwanted software   2
URL Threat Score
HTTP Response Score and URL Categories Score together give the URL Threat Score.
Whitelist Trusted URLs
7-zip.org
acer.com
adobe.com
ahnlab.com
microsoft.com
blackberry.com
ebay.com
oogle.com
hp.com
mozilla.net
oracle.com
opera.com
skype.com
sophosupd.com
samsung.co
symantec.com
toshiba.com
dellbackupandrecovery.com
Malicious URL
A URL is selected as malicious based on its Positives, AV Score, the whitelisted URLs, URL Categories Score and HTTP Score.
Trim URLs
- Include up to two path components of the URL.
- Expands the possibility of getting malicious URLs.
Obtained URL
URL: http://www.igmarealty.ru/index.php/?option=com_content&task=view&ida
Short URL: www.igmarealty.ru
Positives: 10
AV Engine Score: 10
URL Threat Score: 12
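Added example (not the Zagros project's own code) for the URL side of the slides: the HTTP response and category tables, the whitelist check, the trimming step, and a row shaped like the Obtained URL slide. Summing AV, HTTP and category scores, taking the highest category score, counting every detecting scanner as 1, the selection threshold and the sample scan results are assumptions made here; under them, ten detections on a 200 response for an uncategorized host reproduce the 12 shown above.

```python
"""URL Threat Score, whitelist check and URL trimming (added example, not
the Zagros project's code). Assumed, because the slides do not say: URL
Threat Score = AV Engine Score + HTTP Response Score + Category Score; the
category score is the highest among the categories reported; a detecting
scanner weighs 1 unless overridden; the threshold is constructed."""
from urllib.parse import urlsplit

# "Scoring HTTP Response" slide; any other status scores 0.
HTTP_RESPONSE_SCORE = {200: 2, 100: 1, 403: 1, 404: 1}

# "Scoring Categories" slide, names lower-cased for lookup.
CATEGORY_SCORE = {
    "blogs": 1, "uncategorized": 0, "malicious web sites": 4,
    "suspicious content": 1, "business": 0, "parked": 0,
    "phishing and other frauds": 5, "business and economy": 0, "travel": 0,
    "bot networks": 4, "parked domain": 0, "computers and software": 0,
    "health": 0, "hacking": 5, "not recommended site": 3,
    "elevated exposure": 2, "proxy avoidance": 2,
    "potentially unwanted software": 2,
}

# Subset of the "Whitelist Trusted URLs" slide. A host equal to one of these
# domains, or a subdomain of one, is never selected however it scores.
WHITELIST = {"7-zip.org", "adobe.com", "microsoft.com", "mozilla.net",
             "oracle.com", "skype.com", "sophosupd.com", "symantec.com"}

# Per-scanner weights (constructed, empty): a scanner not listed counts 1,
# so AV Engine Score equals Positives, as in the slide's igmarealty row.
URL_ENGINE_WEIGHT = {}
MALICIOUS_THRESHOLD = 5   # constructed


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def is_whitelisted(url):
    host = host_of(url)
    return any(host == d or host.endswith("." + d) for d in WHITELIST)


def short_url(url, max_segments=2):
    """"Trim URLs": host plus up to max_segments path components; scheme,
    query and fragment are dropped. The slide's example keeps the host
    only, which is max_segments=0."""
    segments = [s for s in urlsplit(url).path.split("/") if s]
    return "/".join([host_of(url)] + segments[:max_segments])


def av_engine_score(scans):
    return sum(URL_ENGINE_WEIGHT.get(e, 1) for e, r in scans.items()
               if r.get("detected"))


def category_score(categories):
    return max((CATEGORY_SCORE.get(c.strip().lower(), 0) for c in categories),
               default=0)


def url_threat_score(scans, http_status, categories):
    return (av_engine_score(scans) + HTTP_RESPONSE_SCORE.get(http_status, 0)
            + category_score(categories))


def is_malicious_url(url, positives, scans, http_status, categories):
    """"Malicious URL" slide: positives, AV score, whitelist, category and
    HTTP scores all take part in the decision."""
    if positives < 1 or is_whitelisted(url):
        return False
    return url_threat_score(scans, http_status, categories) >= MALICIOUS_THRESHOLD


def obtained_url_row(url, positives, scans, http_status, categories):
    """One row of the "Obtained URL" slide, or None if not selected."""
    if not is_malicious_url(url, positives, scans, http_status, categories):
        return None
    return {"URL": url, "Short URL": short_url(url, 0), "Positives": positives,
            "AV Engine Score": av_engine_score(scans),
            "URL Threat Score": url_threat_score(scans, http_status, categories)}


# Constructed scan results: ten scanners flag the slide's URL, one does not.
SAMPLE_URL = "http://www.igmarealty.ru/index.php/?option=com_content&task=view&ida"
SAMPLE_SCANS = {"Scanner%d" % i: {"detected": True, "result": "malicious site"}
                for i in range(10)}
SAMPLE_SCANS["CleanScanner"] = {"detected": False, "result": "clean site"}

if __name__ == "__main__":
    print(obtained_url_row(SAMPLE_URL, 10, SAMPLE_SCANS, 200, ["uncategorized"]))
```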
Live URL Feed
- Get the latest URLs being submitted to VT in real time.
- More than 3.7 million URLs get evaluated on a daily basis by Zagros and only ~350K get selected.
- 9% get mined by Zagros.
- Execute the script once and it will stay in sync with VT every minute!
- virustotal_data_mining_url.py
Malicious Hashes from URLs
- virustotal_data_mining_url_itw.py
Storing Obtained URLs
- CSV files
  - Stores URLs
- MongoDB
  - Database: zagros
  - Collection: zagros_urls
Quality Control Data
- Hashes
- URLs
Aging Hashes
- Removing the low scored hashes from MongoDB.
- virustotal_aging_mined_data.py
Aging URLs
- Removing the low scored URLs from MongoDB.
- Script: virustotal_aging_mined_urls.py
Conclusion
- 100% accuracy of the obtained results in terms of being malicious.
- Makes it possible to get the latest malicious hashes and URLs seen in the wild.
- Can lead to organized research analysis based on malware type, malware name and malware family.
- Great source for feeding a Cuckoo sandbox.
- Functional and performance testing tool.
Code is available on the Fidelis GitHub:
https://github.com/fideliscyber/data_mining
What you would need to use Zagros
- VT key
- Python 2.7.6 or later
- Linux OS
- Python modules to download:
  - urllib2, urllib, json, requests, pymongo
- MongoDB (optional)
How to use Zagros
Resources
https://www.virustotal.com/en/documentation/
https://www.virustotal.com/en/documentation/private-api/
https://www.virustotal.com/intelligence/statistics/
https://www.forcepoint.com/master-database-url-categories
Fidelis Cybersecurity
Gita Ziabari
Senior Threat Research Engineer
Email: gita.ziabari@fidelissecurity.com
Twitter: @gitaziabari
Introduction to Multiple Access Protocol.pptx
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 

Introduction to Zagros!

Editor's Notes

  1. Open the sample in a hex editor and you see multiple occurrences of the split string 'visua' followed by an MZ header, which suggests that the file infector carries many other files inside it that it has attempted to infect over time as it spread.
  2. HTTP status codes:
     200 OK: The request has succeeded.
     100 Continue: The client SHOULD continue with its request. This interim response is used to inform the client that the initial part of the request has been received and has not yet been rejected by the server. The client SHOULD continue by sending the remainder of the request or, if the request has already been completed, ignore this response.
     403 Forbidden: The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated.
     404 Not Found: The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
  3. URL category severity scores (category names follow https://www.forcepoint.com/master-database-url-categories). The mapping in the notes is cut off after "proxy avoidance":

```python
categories_score = {
    "blogs": 1,
    "uncategorized": 0,
    "malicious web sites": 4,                  # sites containing code that intentionally modifies users' systems
    "suspicious content": 1,                   # sites with suspicious content
    "business": 0,
    "known infection source": 5,
    "parked": 0,
    "phishing and other frauds": 5,            # counterfeit legitimate sites
    "business and economy": 0,                 # sites sponsored by or devoted to business firms
    "travel": 0,
    "bot networks": 4,                         # command and control centers
    "parked domain": 0,                        # sites that are expired, offered for sale, ...
    "computersandsoftware": 0,
    "health": 0,
    "real estate": 0,                          # sites that provide information about renting, buying, selling
    "information technology": 0,               # computers, software, the Internet and related business firms
    "entertainment": 0,
    "compromised websites": 5,                 # sites that are vulnerable and known to host injected malicious code
    "dynamic content": 2,                      # URLs dynamically being generated
    "not recommended site": 3,
    "potentially unwanted software": 2,        # sites altering operation of a user's hardware, software, ...
    "web and email spam": 2,
    "application and software download": 1,
    "personal network storage and backup": 1,  # store personal files on web servers for backup or exchange
    "hacking": 5,
    "elevated exposure": 2,
    "education": 0,
    "web hosting": 0,
    "marketing": 0,
    "radiomusic": 0,
    "internet radio and tv": 0,
    "videos": 0,
    "proxy avoidance": 2,
    # ... the remaining categories are cut off in the original notes
}
```