Hello Reader,
We had a fascinating Forensic Lunch today with:
Lenny Zeltser (@lennyzeltser), talking about his career in reverse engineering and the challenges of moving his analysis platform to Windows 8. Here are the links he discussed:
Dealing with ASLR on Windows 8.1: http://digital-forensics.sans.org/blog/2014/02/17/malware-analysis-and-aslr-on-windows-8-1
setdllcharacteristics: http://blog.didierstevens.com/2010/10/17/setdllcharacteristics/
CFF Explorer: http://www.ntcore.com/exsuite.php
Scylla for process dumping: http://forum.tuts4you.com/files/file/576-scylla-imports-reconstruction/
Books mentioned:
Malware Analyst's Cookbook: http://www.malwarecookbook.com
Practical Malware Analysis: http://practicalmalwareanalysis.com/
You can take a class with Lenny here: https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques
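As an added illustration of the ASLR point behind Lenny's first two links (this is example code written for this post, not code from Lenny, from Didier Stevens' setdllcharacteristics, or from any tool linked above): the Windows loader only randomizes an image's base address when the DYNAMIC_BASE bit (0x0040) is set in the DllCharacteristics field of the PE optional header, which is the field setdllcharacteristics edits. The script below parses that field straight out of the headers, lists the mitigation flags an analyst would want to know about before loading a sample, and returns a copy with DYNAMIC_BASE cleared for use in an analysis VM. The PE header bytes it runs on are constructed inline, so it works offline; pass a file path to inspect a real image.

```python
import struct

# Bits of IMAGE_OPTIONAL_HEADER.DllCharacteristics, per the PE/COFF spec.
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA",   # 64-bit ASLR may use the full address space
    0x0040: "DYNAMIC_BASE",      # image may be rebased: the bit ASLR depends on
    0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT",         # DEP
    0x0200: "NO_ISOLATION",
    0x0400: "NO_SEH",
    0x0800: "NO_BIND",
    0x1000: "APPCONTAINER",
    0x2000: "WDM_DRIVER",
    0x4000: "GUARD_CF",
    0x8000: "TERMINAL_SERVER_AWARE",
}
DYNAMIC_BASE = 0x0040


def dll_characteristics_offset(data: bytes) -> int:
    """Return the file offset of DllCharacteristics, validating the headers on the way."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER, 20 bytes
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    optional = coff + 20                      # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, optional)[0]
    if magic not in (0x10B, 0x20B):           # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics sits at +70 in both the PE32 and the PE32+ layout.
    if size_of_optional < 72 or optional + 72 > len(data):
        raise ValueError("optional header truncated")
    return optional + 70


def read_dll_characteristics(data: bytes) -> int:
    return struct.unpack_from("<H", data, dll_characteristics_offset(data))[0]


def describe_flags(data: bytes) -> list:
    """Names of the set DllCharacteristics bits, lowest bit first."""
    value = read_dll_characteristics(data)
    return [name for bit, name in sorted(DLL_CHARACTERISTICS.items()) if value & bit]


def aslr_enabled(data: bytes) -> bool:
    return bool(read_dll_characteristics(data) & DYNAMIC_BASE)


def clear_dynamic_base(data: bytes) -> bytes:
    """Return a copy of the image with DYNAMIC_BASE cleared; the input is left untouched."""
    offset = dll_characteristics_offset(data)
    patched = bytearray(data)
    value = struct.unpack_from("<H", patched, offset)[0] & ~DYNAMIC_BASE & 0xFFFF
    struct.pack_into("<H", patched, offset, value)
    return bytes(patched)


def build_sample_pe(dll_characteristics: int, pe32plus: bool = False) -> bytes:
    """Constructed minimal PE header (no sections, no code) used as offline sample input."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew: PE signature right after the DOS header
    opt_size = 240 if pe32plus else 224
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 1, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(0x0140)
    print("DllCharacteristics: 0x%04x %s" % (read_dll_characteristics(data), describe_flags(data)))
    print("ASLR (DYNAMIC_BASE) set:", aslr_enabled(data))
```

The offset arithmetic is the whole point: e_lfanew at 0x3C in the DOS header, 4 signature bytes, a 20-byte COFF header, then DllCharacteristics 70 bytes into the optional header for both PE32 and PE32+. Once you can find that field you can also see why the Windows 8.1 registry switch that the SANS post discusses is not the only way to control whether a sample is rebased.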
Jon Stewart (@codeslack), talking about his career and his work on Lightgrep.
You can grab a copy of the lightgrep engine source here: http://www.lightboxtechnologies.com/lightgrep-engine/
You can grab a copy of bulk_extractor v1.4 with lightgrep built in here: http://digitalcorpora.org/downloads/bulk_extractor/
You can buy a copy of lightgrep that works with EnCase and other tools here: http://www.lightboxtechnologies.com/lightgrep/