YoVDO

Open Source Malware Lab

Offered By: Security BSides London via YouTube

Tags

Security BSides Courses Cybersecurity Courses Malware Analysis Courses Network Traffic Analysis Courses File Analysis Courses

Course Description

Overview

Explore the world of open source malware analysis tools in this comprehensive 50-minute conference talk from Security BSides London. Dive into the essential components of a malware analysis lab, focusing on four main entry points: files, URLs, network traffic captures, and memory images. Learn about major open source tools for each entry point, including Cuckoo Sandbox for file analysis, Thug for URL analysis, Bro Network Security Monitor for network capture analysis, and the Volatility Framework for memory image analysis. Discover how to link these tools together to create an automated, comprehensive malware analysis lab. Gain insights into tool inputs, outputs, and potential automation techniques to enhance your malware analysis capabilities.

Syllabus

Intro
Why Do I Need A Malware Analysis Lab?
Malware Analysis Process Entry Points
Open Source Malware Analysis Tools
More Than Just Dynamic Analysis
Cuckoo Modified
Cuckoo Output
Wolf in Sheep's Clothing
Thug Output
Extracted Files
What is the Volatility Framework?
Operating System Support
Volatility Outout
Orchestration and Automation


Taught by

Security BSides London

Related Courses

AWS Cloud Quest: Networking
Amazon Web Services via AWS Skill Builder AWS Network – Monitoring and Troubleshooting
Amazon Web Services via AWS Skill Builder AWS Security Traffic Monitoring and Packet Analysis
Amazon Web Services via AWS Skill Builder AWS SimuLearn: Analyzing Network Traffic
Amazon Web Services via AWS Skill Builder AWS SimuLearn: VPC Flow Logs Analysis Dashboards
Amazon Web Services via AWS Skill Builder