Virus Bulletin - .NET malware dynamic instrumentation for automated and manual analysis
By SecurityTube.Net, on [2015-02-27] at 07:18:29
Presentation: This presentation by Hexiang Hu (Microsoft) was delivered during VB2014 in Seattle, WA, USA.

Microsoft .NET Framework-built applications compile into a Common Intermediate Language (CIL), formerly known as Microsoft Intermediate Language (MSIL). When executed, this intermediate language is run by either a virtual machine, or through just-in-time compilation (JIT) to compile into native code at runtime. This approach provides many advantages to developers, such as a single binary being able to execute on multiple platforms and CPU architectures, but has been proving a technical challenge for anti-malware software and researchers since many traditional analysis tools no longer apply.

Recently, we've been wrestling with more malware families that are developed using the .NET framework. These malware families are often using a variety of custom and commercial .NET packers that obfuscate and pack the code, resulting in code analysis for anti-malware researchers becoming more difficult. To solve this problem, this presentation introduces a .NET malware research tool to assist in automated and researcher analysis of .NET malware. This tool performs dynamic instrumentation of .NET malware to analyse the functions that are called, as well as the corresponding CIL code to be compiled.

This presentation will cover the following topics:
- ICorProfilerCallback/ICorProfilerInfo interface introduction
- Project architecture and infrastructure
- Backdoor:MSIL/Bladabindi case study
- Future of usage in machine-learning-based detection

For more information, please visit https://www.virusbtn.com