A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Malware Armor - Tyler Halfpop (Circle City Con 2015 Videose 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Malware Armor
Tyler Halfpop

Circle City Con 2015

The purpose of this talk is to provide an overview of malware defenses that attempt to hinder reverse engineering efforts and provide methods and resources to overcome those obstacles. Malware authors often don't want defenders to be able to understand their creations because then they can create defenses and indicators of compromise. Anti-disassembly, anti-debugging, anti-virtualization, and packing will be discussed as well as methods to overcome common implementations. Creation of indicators of compromise and defenses for after the malware's shields are down will also be covered. It is my hope that participants will gain the basic skills and confidence to immediately start safely investigating armored malware in order to thoroughly understand and defend against infections.

Bio: Tyler is a threat researcher for Fidelis Cybersecurity where he gets to work with an amazing team. Tyler's main research interests are in reverse engineering and malware analysis. He is currently working on his doctorate in computer science. He is a SANS Lethal Forensicator and has several industry certifications including the CISSP and GREM. He likes to stay involved in the security community through several organizations and has spoken at various conferences and meetings. He also posts on his personal blog at www.tylerhalfpop.com and twitter @tylerhalfpop.

Back to Circle City Con 2015 Videos list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast