Rootkit Hunting & Compromise Detection
Joanna Rutkowska
1. Rootkit Hunting vs. Compromise Detection
Joanna Rutkowska, invisiblethings.org
Black Hat Federal 2006, Washington D.C., January 25th 2006.
7. Theoretical Scary Scenario…
8. Network infected (diagram; steps 1 to 4)
9. Client re-infection (diagram; steps 1 to 2)
23. Interaction with OS infrastructure (diagram: DATA / CODE)
Pretty Stealth Backdoor: the only interaction between the backdoor and the OS is just a few DWORDs!
49. Thank you for your time!