YoVDO

Hunting for Memory Resident Malware

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Malware Analysis Courses APIs Courses Memory Forensics Courses

Course Description

Overview

Explore techniques for detecting memory resident malware in this 27-minute conference talk from Derbycon 7. Learn about the importance of memory hunting, attacker techniques, and post-breach detection methods. Discover how to use .NET reflection for malware detection, including a demonstration of running a detection script. Examine the challenges of CLR hooking and gain insights from Microsoft Threat Intelligence. Conclude with a Q&A session to deepen your understanding of memory-based malware detection strategies.

Syllabus

Intro
Overview
Why is memory hunting important
Attacker techniques
API
Post Breach Detection
Dotnet Reflection
Dotnet Reflection Script
Running the Script
Venting Sources
Microsoft Threat Intelligence
The Problem
CLR Hook
Conclusion
Questions


Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube