Sunday, December 14, 2014

Tyler Hudak (@secshoggoth) Discusses incident respose, and DIY malware research


This week, Tyler gave us a great deal of information on where to start if you wanted to become a malware researcher. He also gave us websites where you can get malware and ways to analyze it. 

We asked Tyler what blue teams can do when they are infected, and he gave us some excellent advice...

I also recite some prose from a classic horror author, so come for the malware, stay for the prose! :)

***NOTE: I guess now would be a good time to mention that many of the links below have unsafe software and actual malware payloads, so use with extreme caution. Especially do not download anything from these sites unless it's in a VM that is not on your companies assets.***

http://www.hopperapp.com/ - Disassemble OSA binaries

http://en.wikibooks.org/wiki/X86_Disassembly/Disassemblers_and_Decompilers - other Disassemblers

http://vxheaven.org/ - Virus Heaven

http://www.malwaredomainlist.com/ - Find websites serving malware

http://oc.gtisc.gatech.edu:8080/ - Georgia Tech malware repository

Sandboxie - http://www.sandboxie.com/

KoreLogic - http://www.korelogic.com/ (lots of great tools here)

http://secshoggoth.blogspot.com/ - Tyler's Blog


Here is a new episode of Brakeing Down Security!

No comments: