This presentation is part of our Advanced Malware Analysis Training Series program.
For more details, refer to our Security Training page:
http://securityxploded.com/security-training.php
2. Disclaimer
The content, demonstration, source code and programs presented here are provided "AS IS" without any warranty or conditions of any kind. The views, ideas and knowledge expressed here are solely the trainer's and have nothing to do with the company or the organization in which the trainer is currently working.
Under no circumstances is the trainer or SecurityXploded responsible for any damage or loss caused by use or misuse of the information presented here.
www.SecurityXploded.com
3. Acknowledgement
Special thanks to Null community for their extended support and co-operation.
Special thanks to ThoughtWorks for the beautiful venue.
Thanks to all the trainers who have devoted their precious time and countless hours to make it happen.
4. Advanced Malware Analysis Training
This presentation is part of our Advanced Malware Analysis Training program. Currently it is delivered only during our local meets, free of cost.
For complete details of this course, visit our Security Training page.
5. Who am I?
Harsimran Walia
Member, SecurityXploded
Research Scientist, McAfee Labs
Reversing, Malware Analysis, Exploit Analysis/Development etc.
Personal site: http://harsimranwalia.info
E-mail: walia.harsimran@gmail.com
Twitter: b44nz0r
7. PEfile
Python module to read and work with Portable Executable (PE) files
pefile requires understanding of the layout of a PE file (already covered)
Tasks that pefile makes possible are:
Modifying and writing back to the PE image
Header Inspection
Sections analysis
Retrieving data
Warnings for suspicious and malformed values
Packer detection with PEiD’s signatures
8. Pefile (hands-on)
Load a PE (create an instance)
Reading important PE header attributes
Modifying values
All PE instance values support assignment; follow the assignment with a call to the write function to write the modified executable to the file system
9. Pefile (hands-on)
PE sections – fetching detail about sections
Output
File Info
Output
10. Pefile (hands-on)
Type of file (exe/dll/driver)
List of imported dlls and imported functions
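The steps listed on slides 8 to 10 (load, read header attributes, modify and write back, inspect sections, file type), as an added example that is not part of the training material. It uses only the standard `struct` module instead of pefile so the layout behind each attribute is visible; dictionary keys reuse pefile's attribute names, while `build_sample_pe`, `findings`, `set_entry_point` and the entropy threshold are assumptions of this example.

```python
import math
import struct

IMAGE_FILE_DLL = 0x2000                      # FILE_HEADER.Characteristics bit
SCN_EXECUTE, SCN_WRITE = 0x20000000, 0x80000000

def entropy(data):
    """Shannon entropy in bits per byte; 0 for empty or constant data."""
    probs = [data.count(bytes([b])) / len(data) for b in set(data)]
    return sum(-p * math.log2(p) for p in probs)

def parse_pe(data):
    """Header fields and section table, keyed by the names pefile uses."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    _, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                      # PE signature (4) + IMAGE_FILE_HEADER (20)
    plus = struct.unpack_from("<H", data, opt)[0] == 0x20B   # PE32+ magic
    pe = {
        "AddressOfEntryPoint": struct.unpack_from("<I", data, opt + 16)[0],
        # ImageBase: 8 bytes at +24 in PE32+, 4 bytes at +28 in PE32
        "ImageBase": struct.unpack_from("<Q" if plus else "<I", data, opt + (24 if plus else 28))[0],
        "NumberOfSections": nsec,
        "type": "dll" if chars & IMAGE_FILE_DLL else "exe",
        "sections": [],
    }
    for i in range(nsec):
        off = opt + opt_size + 40 * i        # section headers are 40 bytes each
        name, vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, off)
        pe["sections"].append({
            "Name": name.rstrip(b"\0").decode("latin-1"),
            "VirtualAddress": vaddr, "Misc_VirtualSize": vsize, "SizeOfRawData": rsize,
            "Characteristics": struct.unpack_from("<I", data, off + 36)[0],
            "entropy": entropy(data[rptr:rptr + rsize]),
        })
    return pe

def findings(pe):
    """Triage heuristics chosen for this example; not pefile's own warning list."""
    out = []
    for s in pe["sections"]:
        if s["Characteristics"] & SCN_WRITE and s["Characteristics"] & SCN_EXECUTE:
            out.append(s["Name"] + ": writable and executable")
        if s["entropy"] > 7.0:
            out.append(s["Name"] + ": high entropy, possibly packed")
    ep = pe["AddressOfEntryPoint"]
    if not any(s["VirtualAddress"] <= ep < s["VirtualAddress"] + s["Misc_VirtualSize"]
               for s in pe["sections"]):
        out.append("entry point outside every section")
    return out

def set_entry_point(data, rva):
    """Patch AddressOfEntryPoint in a copy of the image (modify, then write back)."""
    out = bytearray(data)
    struct.pack_into("<I", out, struct.unpack_from("<I", out, 0x3C)[0] + 24 + 16, rva)
    return bytes(out)

def build_sample_pe():
    """Constructed two-section PE32 image for the demo; not a runnable program."""
    def section(name, vaddr, rptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, 0x200, vaddr, 0x200, rptr, 0, 0, 0, 0, flags)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # Magic: PE32
    struct.pack_into("<I", opt, 16, 0x2000)      # AddressOfEntryPoint, inside .packed
    struct.pack_into("<I", opt, 28, 0x400000)    # ImageBase
    headers = (b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0"
               + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102) + bytes(opt)
               + section(b".text", 0x1000, 0x200, 0x60000020)
               + section(b".packed", 0x2000, 0x400, 0xE0000020))
    return headers.ljust(0x200, b"\0") + b"\0" * 0x200 + bytes(range(256)) * 2

if __name__ == "__main__":
    print(findings(parse_pe(build_sample_pe())))
```

With pefile itself the same fields are read as `pe.OPTIONAL_HEADER.AddressOfEntryPoint`, `pe.FILE_HEADER.NumberOfSections` and the entries of `pe.sections`.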
11. Pydbg
Open Source Python debugger
Developed by Pedram Amini as the main component of PaiMei framework
It uses user-defined callback functions
These functions can implement actions to take on hitting a breakpoint, exception, etc.
Upon execution of the callback function, control is passed back to pydbg to execute the program normally
12. Pydbg installation
Download or git clone: https://github.com/OpenRCE/pydbg
Pre-reqs
Python 2.7
ctypes Python library
Copy the pydbg files to Python-2.7\Lib\site-packages\pydbg
pydasm.pyd is compiled for Python 2.6, let's fix this!
Open pydasm.pyd in any hex editor (010 etc.) and search for python
Change python26.dll to python27.dll
Save, and replace the original file with the patched one
13. Pydbg (hands-on)
Import required pydbg modules and struct
Breakpoint handler for CreateFileA
Extract the parameter from the stack = filename
Breakpoint handler for CreateFileW
• Look for process to debug
• Attach debugger to process
• Set breakpoint on function entry address
• Attach a breakpoint handler
14. IDA Python
An IDA Pro plugin
Integrates Python, allowing scripts to run in IDA Pro
IDAPython scripts have access to the IDA Plugin API, IDC and all modules available for Python
15. Installation
Download the plugin from https://code.google.com/p/idapython
Match the IDA Pro and Python versions before downloading
Copy the "python" directory from the extracted plugin to the IDA Pro install directory (%IDADIR%)
Copy the plugin executable to "%IDADIR%\plugins"
16. Hands-on
Utility functions
ScreenEA()
○ Obtains the address of where your cursor is currently positioned on the IDA screen.
GetInputFileMD5()
○ Returns the MD5 hash of the binary loaded in IDA, which is useful for tracking changes in the binary
Functions
Functions( long StartAddress, long EndAddress )
○ Returns a list of all function start addresses contained between StartAddress and EndAddress.
LocByName( string FunctionName )
○ Returns the address of a function based on its name.
GetFunctionName( long Address )
○ Given an address, returns the name of the function the address belongs to.
17. Hands-on
Try running on war-ftpd.exe