From Collaborative RCE Knowledge Library

Jump to: navigation, search

Linux Malware Analysis Articles


Item name: Advanced malare analysis lab
Rating: 0.0 (0 votes)
Author: Wes Brown                        
Home URL: http://www.ioactive.com/
Last updated: July 4, 2010
Version (if appl.):
Direct D/L link: http://conference.hitb.org/hitbsecconf2010ams/materials/D2T3%20-%20Wes%20Brown%20-%20Advanced%20Malware%20Analysis%20Lab.pdf
Description: Among the techniques reviewed will be memory inspection, debugging, hooking, as well as PE file examination. Techniques that malware use to avoid being inspected will be discussed along with ways to work around them. The malware workshop environment will also be walked through and each tool demonstrated so that the workshop attendee would leave with a good grasp of how and when to use them.
Also listed in: Windows Malware Analysis Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Forensic discovery - Malware analysis basics
Rating: 0.0 (0 votes)
Author: Wietse Venema, Dan Farmer                        
Home URL: http://www.porcupine.org
Last updated: January 9, 2005
Version (if appl.):
Direct D/L link: http://www.porcupine.org/forensics/forensic-discovery/chapter6.html
Description: This chapter about malware analysis basics comes from a larger book about forensic discovery, (a must read) all about UNIX !
Also listed in: (Not listed in any other category)
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Linux Improvised Userland Scheduler Virus
Rating: 0.0 (0 votes)
Author: Izik                        
Home URL: http://uninformed.org
Last updated: December 29, 2005
Version (if appl.):
Direct D/L link: http://uninformed.org/?v=3&a=6&t=txt
Description: "This paper discusses the combination of a userland scheduler and
runtime process infection for a virus. These two concepts complete
each other. The runtime process infection opens the door to invading
into other processes, and the userland scheduler provides a way to
make the injected code coexist with the original process code. This
allows the virus to remain stealthy and active inside an infected
process."
Also listed in: Linux ELF Articles, Linux Internals Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Malware Analysis: Environment Design and Architecture
Rating: 0.0 (0 votes)
Author: Adrian Sanabria                        
Home URL: http://www.sans.org/
Last updated: January 18, 2007
Version (if appl.):
Direct D/L link: http://www.sans.org/reading_room/whitepapers/threats/malware_analysis_environment_design_and_artitecture_1841
Description: This academic article precisely describes the possible ways of setting up a malware analysis environment (both physical and virtualized).
Also listed in: Windows Malware Analysis Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)




RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.





Views
Category Navigation Tree
   Tools