Irregular Expressions:

August, 2012

August 18, 2012  12:39 AM

Working With Packed / Protected Executables

Dan O'Connor

First I have to say that I dislike having to do this. My main problem is that if you are going to take the time to pack and attempt to protect your EXE, it's obvious that you are up to no good. For legitimate applications there are times when you would want to do this, but if it's some random...

August 15, 2012  7:33 PM

Julian Assange Update

Dan O'Connor

Ecuador says that the UK is threatening to enter its embassy to arrest Mr. Assange, ahead of the announcement on Thursday on whether they will allow asylum. I don't know how much stranger this whole thing can get.

August 15, 2012  7:28 PM

VMware Malware Lab – Networking Edition

Dan O'Connor

When doing analysis I try to keep away from the infection machine; I keep my lab statically set up with an IP, and DNS, gateway pointing at another machine. For a basic target all you need to do is have tcpdump running to capture any networking requests. If you want to get more complicated you can...

August 15, 2012  1:17 AM

VMware Malware Lab

Dan O'Connor

I am not going to cover the basic setup of a VMware-based lab; really you can use whatever you want as long as you can attempt to keep it isolated from the system. I use VMware for a couple of reasons, mainly for the ability for me to take VMs from Fusion, Workstation, ESXi and move them back...
