YoVDO

Hunting for Memory Resident Malware

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Malware Analysis Courses APIs Courses Memory Forensics Courses

Course Description

Overview

Explore techniques for detecting memory resident malware in this 27-minute conference talk from Derbycon 7. Learn about the importance of memory hunting, attacker techniques, and post-breach detection methods. Discover how to use .NET reflection for malware detection, including a demonstration of running a detection script. Examine the challenges of CLR hooking and gain insights from Microsoft Threat Intelligence. Conclude with a Q&A session to deepen your understanding of memory-based malware detection strategies.

Syllabus

Intro
Overview
Why is memory hunting important
Attacker techniques
API
Post Breach Detection
Dotnet Reflection
Dotnet Reflection Script
Running the Script
Venting Sources
Microsoft Threat Intelligence
The Problem
CLR Hook
Conclusion
Questions


Related Courses

Web Development
Udacity Do-It-Yourself Geo Apps
Esri via Independent Software Construction: Object-Oriented Design
The University of British Columbia via edX Full-Text Search with SAP HANA Platform
SAP Learning Tools for Data Science
IBM via Coursera