This week, Tyler gave us a great deal of information on where to start if you wanted to become a malware researcher. He also gave us websites where you can get malware and ways to analyze it.
We asked Tyler what blue teams can do when they are infected, and he gave us some excellent advice...
I also recite some prose from a classic horror author, so come for the malware, stay for the prose! :)
***NOTE: I guess now would be a good time to mention that many of the links below have unsafe software and actual malware payloads, so use with extreme caution. Especially do not download anything from these sites unless it's in a VM that is not on your companies assets.***
http://www.hopperapp.com/ - Disassemble OSA binaries
http://en.wikibooks.org/wiki/X86_Disassembly/Disassemblers_and_Decompilers - other Disassemblers
http://vxheaven.org/ - Virus Heaven
http://www.malwaredomainlist.com/ - Find websites serving malware
http://oc.gtisc.gatech.edu:8080/ - Georgia Tech malware repository
Sandboxie - http://www.sandboxie.com/
KoreLogic - http://www.korelogic.com/ (lots of great tools here)
http://secshoggoth.blogspot.com/ - Tyler's Blog