YoVDO

Hunting for Memory Resident Malware

Offered By: YouTube

Tags

Conference Talks Courses, Cybersecurity Courses, Malware Analysis Courses, APIs Courses, Memory Forensics Courses

Course Description

Overview

Explore techniques for detecting memory resident malware in this 27-minute conference talk from DerbyCon 7. Learn about the importance of memory hunting, attacker techniques, and post-breach detection methods. Discover how to use .NET reflection for malware detection, including a demonstration of running a detection script. Examine the challenges of CLR hooking and gain insights from Microsoft Threat Intelligence. Conclude with a Q&A session to deepen your understanding of memory-based malware detection strategies.

Syllabus

Intro
Overview
Why is memory hunting important
Attacker techniques
API
Post Breach Detection
Dotnet Reflection
Dotnet Reflection Script
Running the Script
Venting Sources
Microsoft Threat Intelligence
The Problem
CLR Hook
Conclusion
Questions


Related Courses

Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera
Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax
Android Malware Analysis - From Zero to Hero
Udemy
How to Create and Embed Malware (2-in-1 Course)
Udemy