null Bangalore Humla 29 July 2017 Getting started with Malware/Exploit Kit Analysis Register

Saturday July 29 2017 09:30 AM Humla Bangalore

Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Getting started with Malware/Exploit Kit Analysis by Gajendra Kumar
Note: The session details including schedule are available below.

Getting started with Malware/Exploit Kit Analysis

Registrations open on July 15 at 00:00 AM and registrations close by July 26 2:00 PM or when the count reaches 55 (whichever happens first) .

You can register by clicking on the Register button and Confirming Registration on the next page.

Only the registered participants will be sent a confirmation email with the venue details. This email will be sent by Thursday July 27 10:00 PM.

After registration, if you realize you cannot make it to the session, please un-register yourself using the "Cancel Registration" button so that your seat can be given to someone else.

Please read the following instructions carefully. This will enable us to have a smooth, hassle free session.

Introduction:

The session is intended for ones interested in learning basics of malware analysis. This will be a completely hands on session to understand windows internals with focus on data structures that are of interest to an attacker. At the end of this session, the participant will learn to use tools like WinDbg, Immunity Debugger, basics of x86 assembly.

At a bare minimum, the following will be covered:

1 Introduction to Windows Internals

• Introduction to Virtual Memory and Physical memory
• Data structures that are of interest to an Attacker.
• PEB
• Import Address Table
• Export Address table

2 Deep dive in to Shell Code Analysis.

• What is a Shell Code?
• Extracting shell code from a sample exploit and create a binary.
• Hands on with debugger to reverse the binary.

3 Reverse/Analyze a malware sample (‘Hancitor’)

Hardware Pre-requisites (Mandatory)

• A system capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
• Atleast 2 GB of RAM
• Atleast 10 GB of free space on any drive.

Software Pre-requisites (Mandatory)

• Windows 7 32 bit operating system running on Virtulbox or VmWare.
• The VM should have WinDbg Installed (https://www.microsoft.com/en-in/download/details.aspx?id=8279 )
• Immunity Debugger (https://www.immunityinc.com/products/debugger/ )
• Microsoft Office (Word 2010)

Date Saturday July 29 2017
Chapter Bangalore
Registrations 47
Max Registrations 55
Event Type Invite Only
Start Time 09:30 AM
End Time 06:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Getting started with Malware/Exploit Kit Analysis Gajendra Kumar 09:30 AM 06:00 PM

Venue

This is an invite only event. If you are selected you will receive further information via e-mail.