This document provides information about a reversing and malware analysis training program. It introduces the trainers, Amit Malik and Swapnil Pathak, and outlines topics to be covered including Windows architecture, memory management, processes and threads, system APIs, and system service dispatching. The training materials are intended to help students learn reverse engineering and malware analysis techniques.
Reversing & malware analysis training part 2 introduction to windows internalssecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & malware analysis training part 3 windows pe file format basicssecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & malware analysis training part 1 lab setup guidesecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & malware analysis training part 2 introduction to windows internalssecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & malware analysis training part 3 windows pe file format basicssecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & malware analysis training part 1 lab setup guidesecurityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Reversing & Malware Analysis Training Part 11 - Exploit Development [Advanced]securityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Advanced Malware Analysis Training Session 6 - Malware Sandbox Analysissecurityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
This presentation talks about the focus towards building security in the software development life cycle and covers details related to Reconnaissance, Scanning and Attack based test design and execution approach.
Advanced Malware Analysis Training Session 8 - Introduction to Androidsecurityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details refer our Security Training page
http://securityxploded.com/security-training-advanced-malware-analysis.php
AD113 Speed Up Your Applications w/ Nginx and PageSpeededm00se
My slide deck from my session, AD113: Speed Up Your Applications with Nginx + PageSpeed, at MWLUG 2015 in Atlanta, GA at the Ritz-Carlton.
For more, see:
- https://edm00se.io/self-promotion/mwlug-ad113-success
- https://github.com/edm00se/AD113-Speed-Up-Your-Apps-with-Nginx-and-PageSpeed
Reversing & Malware Analysis Training Part 11 - Exploit Development [Advanced]securityxploded
This presentation is part of our Reverse Engineering & Malware Analysis Training program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
Advanced Malware Analysis Training Session 6 - Malware Sandbox Analysissecurityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
This presentation talks about the focus towards building security in the software development life cycle and covers details related to Reconnaissance, Scanning and Attack based test design and execution approach.
Advanced Malware Analysis Training Session 8 - Introduction to Androidsecurityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details refer our Security Training page
http://securityxploded.com/security-training-advanced-malware-analysis.php
AD113 Speed Up Your Applications w/ Nginx and PageSpeededm00se
My slide deck from my session, AD113: Speed Up Your Applications with Nginx + PageSpeed, at MWLUG 2015 in Atlanta, GA at the Ritz-Carlton.
For more, see:
- https://edm00se.io/self-promotion/mwlug-ad113-success
- https://github.com/edm00se/AD113-Speed-Up-Your-Apps-with-Nginx-and-PageSpeed
Similar to Reversing & malware analysis training part 2 introduction to windows internals (20)
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2. Disclaimer
The Content, Demonstration, Source Code and Programs presented here is "AS IS"
without any warranty or conditions of any kind. Also the views/ideas/knowledge
expressed here are solely of the trainer’s only and nothing to do with the company or
the organization in which the trainer is currently working.
However in no circumstances neither the trainer nor SecurityXploded is responsible for
any damage or loss caused due to use or misuse of the information presented here.
www.SecurityXploded.com
3. Acknowledgement
Special thanks to null & Garage4Hackers community for their extended support and
cooperation.
Thanks to all the trainers who have devoted their precious time and countless hours to
make it happen.
www.SecurityXploded.com
4. Reversing & Malware Analysis Training
This presentation is part of our Reverse Engineering & Malware Analysis Training
program. Currently it is delivered only during our local meet for FREE of cost.
For complete details of this course, visit our Security Training page.
www.SecurityXploded.com
5. Who am I #1
Amit Malik (sometimes DouBle_Zer0,DZZ)
Member SecurityXploded
Security Researcher @ McAfee Labs
RE, Exploit Analysis/Development, Malware Analysis
Email: m.amit30@gmail.com
www.SecurityXploded.com
6. Who am I #2
Swapnil Pathak
Member SecurityXploded
Security Researcher @ McAfee Labs
RE, Malware Analysis, Network Security
Email: swapnilpathak101@gmail.com
www.SecurityXploded.com
7. Course Q&A
Keep yourself up to date with latest security news
http://www.securityphresh.com
For Q&A, join our mailing list.
http://groups.google.com/group/securityxploded
www.SecurityXploded.com
9. Memory Management
Virtual Memory
- An invisiblelayerbetween a softwareand physicalmemory
- Every process first get loaded into its virtual memory address space
- Small units called “pages”are used to do mapping between physicalmemory and virtual
memory.
Paging
- Memory managementschemethat stores and retrieves datafrom secondary storageforuse
in main memory
- Uses same size blocks called pages
- Pagetable is used to translatevirtualaddresses in physicalmemory addresses
www.SecurityXploded.com
10. Memory Management Cont.
UserAddressSpace
- Allocatedfor user mode applications.
- All processes executein theirown virtual space.
- Useoperating system dlls to interact with kernel
Kernel AddressSpace
- Strictlyreserved forkernel, devicedrivers and operatingsystemexecutive.
- No user mode applicationcan directly interactwith thekernel.
www.SecurityXploded.com
12. Process and Thread
Process
- Executinginstanceofan application.
- Isolatedaddress space
- PEB data structurestoreinformationabout process
- PEB is an user space data structure
Threads
- Multiplethreads sharethe same address spacein the process.
- Each process has at least a single executingthread.
- TEBdata structurestoreinformation aboutthread
www.SecurityXploded.com
13. PEB (Process Environment Block)
An opaque data structure that store information about process in user
space
www.SecurityXploded.com