BSides Algiers - Stuxnet - Sofiane Talmat
Shellmates
1.
The Malware Industry
(Part II): STUXNET. Presented by: Sofiane Talmat. Malware research team: Sofiane Talmat (Algeria), Ehab Hussein (Egypt). http://www.synapse-labs.com info@synapse-labs.com
2.
Security
Corporate Services Services Solution Trainings Development
3.
FACT 1 :
~WTR4132.TMP
4.
FACT 2 :
~WTR4132.TMP
5.
FACT 3 :
MRXCLS.sys
6.
FACT 4 :
MRXCLS.sys
7.
FACT 5 :
MRXNET.sys
8.
FACT 6 :
MRXNET.sys
9.
Lifecycle
10.
PRIVILEGE ESCALATION
- MS-10-073 – Win32K.sys Keyboard Layout Vulnerability
- MS-10-092 – Windows Task Scheduler Vulnerability
15.
ESP ==> > 0006F4F8 |ModuleFileName = "C:\WINDOWS\system32\lsass.exe"
ESP+4 > 00000000 |CommandLine = NULL
ESP+8 > 00000000 |pProcessSecurity = NULL
ESP+C > 00000000 |pThreadSecurity = NULL
ESP+10 > 00000001 |InheritHandles = TRUE
ESP+14 > 0800000C |CreationFlags = CREATE_SUSPENDED|DETACHED_PROCESS|CREATE_NO_WINDOW
ESP+18 > 00000000 |pEnvironment = NULL
ESP+1C > 00000000 |CurrentDir = NULL
ESP+20 > 0006F13C |pStartupInfo = 0006F13C
ESP+24 > 0006F730 pProcessInfo = 0006F730.
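The process-creation arguments on this slide can be decoded and triaged mechanically. The following is an added example, not part of the original slides: it parses a debugger-style argument dump (constructed sample input mirroring three of the slide's lines), decodes the raw CreationFlags value, and flags a watched system image started suspended. The function names and the watch list are assumptions for illustration.

```python
import re

# Process creation flag values from the Windows SDK (winbase.h).
CREATION_FLAGS = {
    0x00000004: "CREATE_SUSPENDED",
    0x00000008: "DETACHED_PROCESS",
    0x00000010: "CREATE_NEW_CONSOLE",
    0x08000000: "CREATE_NO_WINDOW",
}

# Constructed input: three of the slide's stack lines, backslashes restored.
SAMPLE_DUMP = r'''
ESP ==> > 0006F4F8 |ModuleFileName = "C:\WINDOWS\system32\lsass.exe"
ESP+4 > 00000000 |CommandLine = NULL
ESP+14 > 0800000C |CreationFlags = CREATE_SUSPENDED|DETACHED_PROCESS|CREATE_NO_WINDOW
'''

LINE_RE = re.compile(
    r'^ESP(?:\+[0-9A-Fa-f]+)?\s*(?:==>)?\s*>\s*([0-9A-Fa-f]{8})\s*\|?\s*(\w+)\s*=\s*(.*)$'
)

# Assumed watch list: system images that ordinary programs have no reason to spawn.
WATCHED_IMAGES = {"lsass.exe", "services.exe", "winlogon.exe", "svchost.exe"}


def parse_dump(text):
    """Return {argument name: (raw stack value, debugger annotation)}."""
    args = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            raw, name, note = m.groups()
            args[name] = (int(raw, 16), note.strip().rstrip('.').strip('"'))
    return args


def decode_flags(value):
    """Decode from the raw DWORD, not from the debugger's text annotation."""
    names = [n for bit, n in sorted(CREATION_FLAGS.items()) if value & bit]
    unknown = value & ~sum(CREATION_FLAGS)  # bits are disjoint, so sum == OR
    if unknown:
        names.append(f"UNKNOWN_0x{unknown:08X}")
    return names


def triage(args):
    """Flag a watched system image started suspended (it runs no code until resumed)."""
    image = args["ModuleFileName"][1].replace("/", "\\").rsplit("\\", 1)[-1].lower()
    flags = decode_flags(args["CreationFlags"][0])
    findings = []
    if image in WATCHED_IMAGES and "CREATE_SUSPENDED" in flags:
        findings.append(f"{image} created suspended")
    return findings
```

The same check applies to process-creation telemetry that records the image path and creation flags, not only to debugger output.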
19.
• stuxnet: references
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf
http://go.eset.com/us/resources/white-papers/Stuxnet_Under_the_Microscope.pdf
20.
Questions
Facebook.com/Synapse.Labs Twitter : @Synapse_Labs