How are PE files mapped into memory? Follow me on Twitter: https://twitter.com/struppigel
I explain the basic structure of the Portable Executable file format using animated graphics. This video is meant for beginners in malware analysis. Follow me
by Jeremy Galloway What's scarier, letting HD Moore rent your house and use your home network for a day or being the very next renter that uses that network? Wit
Websites can still be hacked using SQL injection - Tom explains how sites written in PHP (and other languages too) can be vulnerable and have basic security iss
NTFS, FAT32, exFAT...what are the differences between file systems, and what does a file system actually do, anyway?
Decompilation fails and de4dot cannot deobfuscate this trojan spy named Evrial. We discover code in the module's constructor (.cctor) that fixes the assembly.
The vast majority of threat hunting takes place on easily visible and accessible system artifacts. These include log entries, network data, command line histori
Watch on Udacity: https://www.udacity.com/course/viewer#!/c-ud007/l-1032798942/m-1014480747 Check out the full High Performance Computer Architecture course for
Attend Free Online Virtual Hacker Conference: www.kringlecon.com Presented by: Chris Davis Learn information security skills: www.sans.org In this talk we disc
In this video we will look at memory layout for a C / C++ program. When we run a C or C++ program, the loader module loads the executable version of the C / C++
Concepts and terminology of encrypted viruses and self-mutating viruses. Follow me on Twitter: https://twitter.com/struppigel
Clickbait title. Just a bit of brain food. Games, licenses and many other things depend on a good time source. But where does the time come from and should you
http://CppCon.org — Presentation Slides, PDFs, Source Code and other presenter materials are available at: https://github.com/CppCon/CppCon2017 — If you build s
In this video, we talk about how machine learning is used to create antivirus programs! Specifically, a classifier can be trained to detect whether or not some
Here I show you the disassembly of point-of-sale malware known as ScanPOS. According to ProofPoint this was delivered by the Kronos Banking Trojan back in 2016
My recent, related videos: Basic File IO in C https://youtu.be/BQJBe4IbsvQ Get the size of files. https://youtu.be/FT2A2HQbTkU Easier working with file paths
We unpack a Dridex sample that uses process hollowing for memory execution. Follow me on Twitter: @struppigel Sample: https://www.hybrid-analysis.com/sample/e
Interactive lecture at http://test.scalable-learning.com, enrollment key YRLRX-25436. What is virtual memory? Indirection between the program's addresses and th
We unpack and decompile a malware that was written in Python and transformed into an executable with PyInstaller. In order to do that we have to fix the header