ToorCon XX

I had the opportunity to give a talk on malware obfuscation techniques this weekend at ToorCon XX, my talk was titled “Following a Trail of Confusion”. Here is the abstract: Modern malware uses a wide variety of code obfuscation techniques to hide it’s true intentions and to avoid detection. In this talk, we’ll explore the latest in native code obfuscation techniques as well as a few techniques commonly used with interpreted languages. We will spend time discussing such methods as dynamically constructing import tables, hiding and using shellcode, packing, string obfuscation, use of virtual machines and other anti-analysis techniques. We’ll…

Read more

First Pluralsight course now live!

I’m excited to announce that my first Pluralsight course Analyzing Malware for .NET and Java Binaries is now live! You can find the course at the following URL – http://www.pluralsight.com/courses/dotnet-java-binaries-analyzing-malware. The ability to quickly analyze software is a critical skill for anyone handling malware. This course will teach you techniques for reverse engineering Java and .NET binaries, how to generate indicators of compromise and get hands on with malware.

Read more