Rootkit Hunting & Compromise Detection
Joanna Rutkowska
Rootkit Hunting & Compromise Detection (slide transcript)

1. Rootkit Hunting vs. Compromise Detection
Joanna Rutkowska, invisiblethings.org
Black Hat Federal 2006, Washington D.C., January 25th 2006.

7. Theoretical Scary Scenario…

8. Network infected (diagram: steps 1 to 4)

9. Client re-infection (diagram: steps 1 and 2)

23. Interaction with OS infrastructure
Pretty Stealth Backdoor. The only interaction between the backdoor and the OS! Just a few DWORDs! (diagram: DATA / CODE)

49. Thank you for your time!