Hunting Evil

Presented at DerbyCon 2.0 Reunion (2012), Sept. 29, 2012, 5 p.m. (50 minutes)

This talk will discuss actively following attacker exploit chains to capture malware for analysis. Actively pursuing malware will allow an accurate assessment of risk, assist with the development of counter measures, and allow the discovery of ‘indicators of compromise’ for incident response. Areas covered will include understanding attacker’s evasion and obfuscation techniques, collection of malware, and a discussion of deobfuscation/analysis tools and techniques.

Presenters:

• Bart Hopper / d4ncingd4n   as Bart ‘d4ncind4n’ Hopper
  Bart ‘d4ncingd4n’ Hopper, CISSP, CISM, CRISC, etc. is a security analyst at a financial institution. Prior to his work in security, he was a systems administrator for a healthcare start up. His training came from the ‘Book of the Month’ club, a quest for knowledge, and the school of hard knocks.

Similar Presentations:

• Black Hat USA 2012 / Flowers for Automated Malware Analysis
• Black Hat USA 2012 / A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
• DerbyCon 3.0 All in the Family (2013) / Identifying Evil: An introduction to Reverse Engineering Malware and other software