Malware analyst's cookbook and dvd : tools and techniques for fighting malicious code

Malware analyst's cookbook and dvd tools and techniques for fighting malicious code

A computer forensics ""how-to"" for fighting malicious code and analyzing incidents With our ever-increasing reliance on computers comes an ever-growing risk of malware. Security professionals will find plenty of solutions in this book to the problems posed by viruses, Trojan hor...

Descripción completa

Detalles Bibliográficos
Autor principal: Ligh, Michael W. (-)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Indianapolis, Ind. : Wiley Pub., Inc 2011.
Edición:1st edition
Materias:
Malware (Computer software)
Electronic books.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628065606719
Tabla de Contenidos:
  • Malware Analyst's Cookbook and DVD; Contents; Introduction; On The Book's DVD; Chapter 1: Anonymizing Your Activities; Recipe 1-1: Anonymous Web Browsing with Tor; Recipe 1-2: Wrapping Wget and Network Clients with Torsocks; Recipe 1-3: Multi-platform Tor-enabled Downloader in Python; Recipe 1-4: Forwarding Traffic through Open Proxies; Recipe 1-5: Using SSH Tunnels to Proxy Connections; Recipe 1-6: Privacy-enhanced Web browsing with Privoxy; Recipe 1-7: Anonymous Surfing with Anonymouse.org; Recipe 1-8: Internet Access through Cellular Networks
  • Recipe 1-9: Using VPNs with Anonymizer UniversalChapter 2: Honeypots; Recipe 2-1: Collecting Malware Samples with Nepenthes; Recipe 2-2: Real-Time Attack Monitoring with IRC Logging; Recipe 2-3: Accepting Nepenthes Submissions over HTTP with Python; Recipe 2-4: Collecting Malware Samples with Dionaea; Recipe 2-5: Accepting Dionaea Submissions over HTTP with Python; Recipe 2-6: Real-time Event Notification and Binary Sharing with XMPP; Recipe 2-7: Analyzing and Replaying Attacks Logged by Dionea; Recipe 2-8: Passive Identification of Remote Systems with p0f
  • Recipe 2-9: Graphing Dionaea Attack Patterns with SQLite and GnuplotChapter 3: Malware Classification; Recipe 3-1: Examining Existing ClamAV Signatures; Recipe 3-2: Creating a Custom ClamAV Database; Recipe 3-3: Converting ClamAV Signatures to YARA; Recipe 3-4: Identifying Packers with YARA and PEiD; Recipe 3-5: Detecting Malware Capabilities with YARA; Recipe 3-6: File Type Identification and Hashing in Python; Recipe 3-7: Writing a Multiple-AV Scanner in Python; Recipe 3-8: Detecting Malicious PE Files in Python; Recipe 3-9: Finding Similar Malware with ssdeep
  • Recipe 3-10: Detecting Self-modifying Code with ssdeepRecipe 3-11: Comparing Binaries with IDA and BinDiff; Chapter 4: Sandboxes and Multi-AV Scanners; Recipe 4-1: Scanning Files with VirusTotal; Recipe 4-2: Scanning Files with Jotti; Recipe 4-3: Scanning Files with NoVirusThanks; Recipe 4-4: Database-Enabled Multi-AV Uploader in Python; Recipe 4-5: Analyzing Malware with ThreatExpert; Recipe 4-6: Analyzing Malware with CWSandbox; Recipe 4-7: Analyzing Malware with Anubis; Recipe 4-8: Writing AutoIT Scripts for Joebox; Recipe 4-9: Defeating Path-dependent Malware with Joebox
  • Recipe 4-10: Defeating Process-dependent DLLs with JoeboxRecipe 4-11: Setting an Active HTTP Proxy with Joebox; Recipe 4-12: Scanning for Artifacts with Sandbox Results; Chapter 5: Researching Domains and IP Addresses; Recipe 5-1: Researching Domains with WHOIS; Recipe 5-2: Resolving DNS Hostnames; Recipe 5-3: Obtaining IP WHOIS Records; Recipe 5-4: Querying Passive DNS with BFK; Recipe 5-5: Checking DNS Records with Robtex; Recipe 5-6: Performing a Reverse IP Search with DomainTools; Recipe 5-7: Initiating Zone Transfers with dig; Recipe 5-8: Brute-forcing Subdomains with dnsmap
  • Recipe 5-9: Mapping IP Addresses to ASNs via Shadowserver

Ejemplares similares