MalwareNet Project

•Download as PPTX, PDF•

1 like•1,277 views

Presented by SecurityXploded team in our quarterly Cyber security meet. visit: http://www.securitytrainings.net for more information.

Technology

SecurityXploded Team
MalwareNet.com Crowd Sourced Malware
Analysis and Intelligence
Portal.
© SecurityXploded Research Group

Mission!
1. Central Repository for Malware
analysis.
2. API integration - accessible to
everyone/product/tool.
3. Community collaboration
© SecurityXploded Research Group

MalwareNet Components
❖ Search
❖ Submit Analysis
❖ Request Analysis
❖ Trust Key
❖ API
© SecurityXploded Research Group

MalwareNet Search
❖ Search the sample analysis reports.
❖ Download reports
❖ Search fields (few may not be available yet)
❖ SHA256
❖ Domain/IP
❖ Malware family/campaign name
❖ Entire analysis report*
© SecurityXploded Research Group

Submit Analysis
❖ Anonymous submission
❖ currently we support only text submission.
❖ Use reference section to add more resources (eg: your
blog etc.)
❖ Pcap/Sample upload is optional.
© SecurityXploded Research Group

Request Analysis
❖ Submit sample - request for analysis.
❖ Anonymous submission
❖ Anyone can download the samples
❖ Anyone can submit the analysis
❖ Our dedicated analysts will work on this for free. :)
❖ Send private/confidential analysis requests to
team@securityxploded.com (this is not free)
© SecurityXploded Research Group

Trust Key
❖ MalwareNet is based on the concept of virtual trusted network.
❖ Trust key is optional in web submission but mandatory in API
submission
❖ We recommend use the trust key for all submissions (submit
analysis or request analysis) because the submissions using
trust key will be given priority.
❖ Request trust key: send an email to key@securityxploded.com
with "Trust key" subject (without quotes).
© SecurityXploded Research Group

API
❖ API is free and accessible to everyone.
❖ currently we support:
❖ submit analysis
❖ Request analysis
❖ we are working on search
❖ Download the client and feel free to integrate it in your analysis
tools.
❖ Trust key is mandatory for API submission.
© SecurityXploded Research Group

Request Analysis (API)
• Json format
• Request Trust Key: send an email to key@securityxploded.com with
• subject – Trust key

MawareNet.com
❖ Use the API, integrate it with
your analysis tools
❖ We will also release some tools
to automate the analysis
process.
❖ For any questions/queries
please email to
team@securityxploded.com
© SecurityXploded Research Group

Thank You!
© SecurityXploded Research Group

A web application’s attack surface is the combination of URLs it will respond to as well as the inputs to those URLs that can change the behavior of the application. Understanding an application’s attack surface is critical to being able to provide sufficient security test coverage, and by watching an application’s attack surface change over time security and development teams can help target and optimize testing activities. This presentation looks at methods of calculating web application attack surface and tracking the evolution of attack surface over time. In addition, it looks at metrics and thresholds that can be used to craft policies for integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD) pipelines for teams integrating security into their DevOps practices.

How to integrate FileCatalyst java applets

FileCatalyst

Security Automation using ZAP

Vaibhav Gupta

These are the slides from my lightning talk at OWASP AppSec Europe 2016. The session broadly consisted of: - Quick run through of ZAP GUI - Understanding what can be automated - How to integrate ZAP with automation scripts - Example scripts/Hands-on - Some delicate considerations Code: https://github.com/r3ver53r/AppSecEU_2016 Download: https://2016.appsec.eu/wp-content/uploads/2016/07/OWASP_AppSec_EU2016-Security_Automation_Using_ZAP_v1.3.pdf

Voxxed Days Thessaloniki 2016 - Continuous Delivery: Jenkins, Docker and Spri...

Voxxed Days Thessaloniki

Introduction à Application Insights

MSDEVMTL

Solving trust issues at scale

Soluto

Micro-services are social beings: they can’t function without talking with other services. Every microservice has its own domain, and it usually relies on other micro-services to function properly. But this also raises an interesting question: do we trust all of our micro-services? The truth is that not all micro-services are the same: some micro-services are more sensitive - for example, services that handle user data. Others are user-facing and therefore riskier. We cannot treat all services as equal. We need a good and robust mechanism to describe who can talk with who. At Soluto, we are dealing with this challenge for a while. In this talk, I’ll share the journey we went through until we found a solution we’re happy with: a simple and declarative system that allows services to define who can access them. Any dev can request access to any service, and the service owner can review it. In talk, I’ll share how we build this solution, using open source tools like Open Policy Agent, so you can easily build something similar.

Using microsoft application insights to implement a build, measure, learn loopMarcel de Vries

Knowing how to perform basic malware analysis can go a long way in helping infosec analysts do some basic triage to either crush the mundane or recognize when its time to pass the more serious samples on to the the big boys. This presentation covers several analysis environment options and the three quick steps that allows almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a "ninja" per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of malware analysis.

Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis

securityxploded

Fingerprinting healthcare institutions

securityxploded

Advanced Malware Analysis Training Session 6 - Malware Sandbox Analysis

securityxploded

CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques

Sam Bowne

Advanced Malware Analysis Training Session 7 - Malware Memory Forensics

securityxploded

Anatomy of Exploit Kits

securityxploded

Stealthy, Hypervisor-based Malware Analysis

Tamas K Lengyel

What's hot

Careful - APIs Inside: Testing and Monitoring for App Development

3scale

Entity framework core v3 from sql to no sql

Andrea Tosato

Security at Greenhouse

Michael O'Neil

Monitoring your API

Andrés F Vargas

JIRA Data Center Implementation at Pitney Bowes - Peter Strickland

Atlassian

Deploying atlassian tools in the enterprise - Dione TechnologyMatthew Cobby

What's hot (6)

Careful - APIs Inside: Testing and Monitoring for App Development

Entity framework core v3 from sql to no sql

Security at Greenhouse

Monitoring your API

JIRA Data Center Implementation at Pitney Bowes - Peter Strickland

Deploying atlassian tools in the enterprise - Dione Technology

Viewers also liked

Dissecting BetaBot

securityxploded

Automating Malware Analysis

securityxploded

Watering Hole Attacks Case Study and Analysis_SecurityXploded_Meet_june14

securityxploded

Understanding CryptoLocker (Ransomware) with a Case Study

securityxploded

Basic malware analysis

securityxploded

Harmon arbor v2

Luke Harmon

Reverse Engineering Malware

securityxploded

Reversing and Decrypting the Communications of APT Malware (Etumbot)

securityxploded

Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...

grecsl

Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis

securityxploded

Fingerprinting healthcare institutions

securityxploded

Advanced Malware Analysis Training Session 6 - Malware Sandbox Analysis

securityxploded

CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques

Sam Bowne

Advanced Malware Analysis Training Session 7 - Malware Memory Forensics

securityxploded

Anatomy of Exploit Kits

securityxploded

Stealthy, Hypervisor-based Malware Analysis

Tamas K Lengyel

Building next gen malware behavioural analysis environment

isc2-hellenic

Practical steps to mitigate DDoS attacks

Security Session

CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis

Sam Bowne

Viewers also liked (19)

Dissecting BetaBot

Automating Malware Analysis

Watering Hole Attacks Case Study and Analysis_SecurityXploded_Meet_june14

Understanding CryptoLocker (Ransomware) with a Case Study

Basic malware analysis

Harmon arbor v2

Reverse Engineering Malware

Reversing and Decrypting the Communications of APT Malware (Etumbot)

Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...

Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis

Fingerprinting healthcare institutions

Advanced Malware Analysis Training Session 6 - Malware Sandbox Analysis

CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques

Advanced Malware Analysis Training Session 7 - Malware Memory Forensics

Anatomy of Exploit Kits

Stealthy, Hypervisor-based Malware Analysis

Building next gen malware behavioural analysis environment

Practical steps to mitigate DDoS attacks

CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis

Similar to MalwareNet Project

Droidcon Tunisia 2014 connect your mobile app to your backend

Nacef Labidi

APIsecure 2023 - API First Hacking, Corey Ball, Author of Hacking APIs

apidays

APIsecure 2023 - The world's first and only API security conference March 14 & 15, 2023 Closing Keynote: API First Hacking Corey Ball, Chief Hacking Officer APIsec University| Author of Hacking APIs ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Blending Automated and Manual Testing

Denim Group

DevOps puts an intense focus on automation – taking humans out of the loop whenever possible to allow frequent, incremental updates to production systems. However, thorough application testing often has multiple components – much of this can be automated, but manual testing is also required. This is inconvenient and not “DevOps-y,” but is unfortunately an unavoidable requirement in the real world. In addition, managing these multiple sources of application vulnerability intelligence often requires manual interaction – to clear false positives, de-duplicate repeated results, and make decisions about triage and remediation. Axway has rolled out an application security program that incorporates automated static and dynamic testing, attack surface analysis, component analysis, as well as inputs from 3rd parties including manual penetration testing, automated and manual dynamic testing, automated and manual static testing, and test results from vendors providing test data on their products. Automation has allowed Axway to increase the frequency of web application testing, thus reducing the cycle time in the application vulnerability “OODA loop.” Moving beyond the identification of vulnerabilities, Axway has deployed ThreadFix to automatically aggregate the results of the automated testing and de-duplicate findings. 3rd party penetration testers are also finding vulnerabilities and reporting them in reasonably structured CSV files requiring Axway to convert this manual test data and incorporate it into the aggregated vulnerability model in ThreadFix. Centralizing this pipeline allows for metric tracking – both for the application security program as a whole as well as on a per-vulnerability-source basis. This automation and consolidation now covers 50% of Axway’s application vulnerability review process - with plans to extend further. This presentation walks through Axway’s construction of their application security-testing pipeline and the decisions they were forced to make along the way to best maximize the use of automation while accommodating the reality of manual testing requirements. It then looks at how this testing regimen and the associated automation have allowed them to impact deployment practices as well as collect metrics on their assurance program. Finally, it looks at lessons learned along the way – the good and the bad – and identifies targeted next steps Axway plans to take to increase the depth and frequency of application security testing while dealing with the deployment realities placed on them to remain agile and responsive to business requirements.

security misconfigurations

Megha Sahu

Security? hey, it's only word press!

stk_jj

Jobvite: A Holistic Approach to Security

Theodore Kim

AWS Loft presentation on 04/28/16. You’ve configured host and network based ACLs, enabled CloudTrail logging, encrypted all data at rest (EBS & S3), secured your AMIs, regularly patch EC2 instances, and locked down IAM roles. But are you secure? How do you know if/when a security incident has occurred, detect unauthorized access to data, identify vulnerabilities in your application, block online attacks in real-time, or certify your application as truly secure? Theodore Kim, VP of Technical Operations at Jobvite, and his team will present a holistic approach to securing your application environment hosted in AWS. Topics will include: - Do I need an Intrusion Detection/Prevention (IDS/IPS) System? - How to detect and block network/application intrusion attempts in real time. - Log file parsing/alerting via Security Information & Event Management (SIEM) systems to identify anomalous system activity. - An overview of penetration/vulnerability testing services. - Auditing your environment to identify security vulnerabilities and support compliance efforts. - How to incorporate security vulnerability scanning into the build and release process.

[Wroclaw #5] OWASP Projects: beyond Top 10

OWASP

Monitoring Attack Surface to Secure DevOps Pipelines

Denim Group

London Adapt or Die: Securing your APIs the Right Way!

Apigee | Google Cloud

The road towards better automotive cybersecurity

Rogue Wave Software

Automotive safety has been a major concern for manufacturers everywhere and now the threat of automotive hacking looms. Your team may be familiar with safety standards and defensive coding techniques but do you know how to handle security threats at the code level? What can you do next to transform your processes and development strategies? Join automotive experts from Rogue Wave Software for the first in a three-part series on securing your code and solidifying processes to ensure safe, defect-free software. By educating teams and understanding proven techniques, you’ll be able to take the next step towards less risk and more value for your applications. In this first one-hour webinar you'll learn: - Techniques to protect your automotive software systems from risk - Tools that accelerate compliance with security and safety standards - Tips to ensure defects are eliminated as early as possible

ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...

Agile Testing Alliance

Building an Open Source AppSec Pipeline - 2015 Texas Linux Fest

Matt Tesauro

Power shell 악성코드 동향 20161118_차민석_디지털 포렌식 기술특강 공개판

Minseok(Jacky) Cha

So Your Company Hired A PentesterNorthBayWeb

Wellington MuleSoft Meetup 2021-02-18

Mary Joy Sabal

we45 DEFCON Workshop - Building AppSec Automation with Python

Abhay Bhargav

OWASP 2014 AppSec EU ZAP Advanced Features

Simon Bennetts

Create code confidence for better application security

Rogue Wave Software

Join security experts from Rogue Wave Software for the first in a three-part series on ensuring your code and processes are secure. Network intrusion. Information theft. Outside reprogramming of systems. These examples are just a few of the several reasons why software security is becoming increasingly more important to all industries. No system is immune, so it’s more important than ever to understand why secure code matters and how to create safer applications. In this first one-hour webinar you'll learn how to: - Protect your systems from risk - Comply with security standards - Ensure the entire codebase is bulletproof

New ThousandEyes Product Features and Release Highlights: March 2024

ThousandEyes

Automated tools for penetration testing

devanshdubey7

Similar to MalwareNet Project (20)

Droidcon Tunisia 2014 connect your mobile app to your backend

APIsecure 2023 - API First Hacking, Corey Ball, Author of Hacking APIs

Blending Automated and Manual Testing

security misconfigurations

Security? hey, it's only word press!

Jobvite: A Holistic Approach to Security

[Wroclaw #5] OWASP Projects: beyond Top 10

Monitoring Attack Surface to Secure DevOps Pipelines

London Adapt or Die: Securing your APIs the Right Way!

The road towards better automotive cybersecurity

ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...

Building an Open Source AppSec Pipeline - 2015 Texas Linux Fest

Power shell 악성코드 동향 20161118_차민석_디지털 포렌식 기술특강 공개판

So Your Company Hired A Pentester

Wellington MuleSoft Meetup 2021-02-18

we45 DEFCON Workshop - Building AppSec Automation with Python

OWASP 2014 AppSec EU ZAP Advanced Features

Create code confidence for better application security

New ThousandEyes Product Features and Release Highlights: March 2024

Automated tools for penetration testing

Recently uploaded

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Bits & Pixels using AI for Good.........

Alison B. Lowndes

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Knowledge engineering: from people to machines and back

Elena Simperl

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

The Future of Platform Engineering

Jemma Hussein Allen

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

Recently uploaded (20)

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

FIDO Alliance Osaka Seminar: Overview.pdf

UiPath Test Automation using UiPath Test Suite series, part 3

JMeter webinar - integration with InfluxDB and Grafana

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Bits & Pixels using AI for Good.........

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Assuring Contact Center Experiences for Your Customers With ThousandEyes

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Knowledge engineering: from people to machines and back

Elevating Tactical DDD Patterns Through Object Calisthenics

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Neuro-symbolic is not enough, we need neuro-*semantic*

Securing your Kubernetes cluster_ a step-by-step guide to success !

The Future of Platform Engineering

Accelerate your Kubernetes clusters with Varnish Caching

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

When stars align: studies in data quality, knowledge graphs, and machine lear...

MalwareNet Project

1. SecurityXploded Team MalwareNet.com Crowd Sourced Malware Analysis and Intelligence Portal. © SecurityXploded Research Group

2. Mission! 1. Central Repository for Malware analysis. 2. API integration - accessible to everyone/product/tool. 3. Community collaboration © SecurityXploded Research Group

3. MalwareNet Components ❖ Search ❖ Submit Analysis ❖ Request Analysis ❖ Trust Key ❖ API © SecurityXploded Research Group

4. MalwareNet Search ❖ Search the sample analysis reports. ❖ Download reports ❖ Search fields (few may not be available yet) ❖ SHA256 ❖ Domain/IP ❖ Malware family/campaign name ❖ Entire analysis report* © SecurityXploded Research Group

5. Submit Analysis ❖ Anonymous submission ❖ currently we support only text submission. ❖ Use reference section to add more resources (eg: your blog etc.) ❖ Pcap/Sample upload is optional. © SecurityXploded Research Group

6. Submit Analysis (Web)

7. Request Analysis ❖ Submit sample - request for analysis. ❖ Anonymous submission ❖ Anyone can download the samples ❖ Anyone can submit the analysis ❖ Our dedicated analysts will work on this for free. :) ❖ Send private/confidential analysis requests to team@securityxploded.com (this is not free) © SecurityXploded Research Group

8. Request Analysis (Web) Thanks to Nagareshwar for cool logo and webUi! 

9. Trust Key ❖ MalwareNet is based on the concept of virtual trusted network. ❖ Trust key is optional in web submission but mandatory in API submission ❖ We recommend use the trust key for all submissions (submit analysis or request analysis) because the submissions using trust key will be given priority. ❖ Request trust key: send an email to key@securityxploded.com with "Trust key" subject (without quotes). © SecurityXploded Research Group

10. API ❖ API is free and accessible to everyone. ❖ currently we support: ❖ submit analysis ❖ Request analysis ❖ we are working on search ❖ Download the client and feel free to integrate it in your analysis tools. ❖ Trust key is mandatory for API submission. © SecurityXploded Research Group

11. Submit Analysis (API) • Json format

12. Request Analysis (API) • Json format • Request Trust Key: send an email to key@securityxploded.com with • subject – Trust key

13. MawareNet.com ❖ Use the API, integrate it with your analysis tools ❖ We will also release some tools to automate the analysis process. ❖ For any questions/queries please email to team@securityxploded.com © SecurityXploded Research Group

MalwareNet Project

Recommended

Recommended

More Related Content

What's hot

What's hot (6)

Viewers also liked

Viewers also liked (19)

Similar to MalwareNet Project

Similar to MalwareNet Project (20)

More from securityxploded

More from securityxploded (19)

Recently uploaded

Recently uploaded (20)

MalwareNet Project