Cuckoo Malware Analysis (e-book)

Author: Digit Oktavianto

Publisher: Packt Publishing

Publication date: 2013-10-16

Word count: 520,000

This book is a step-by-step, practical tutorial for analyzing and detecting malware and performing digital investigations. This book features clear and concise guidance in an easily accessible format. Cuckoo Malware Analysis is great for anyone who wants to analyze malware through programming, networking, disassembling, forensics, and virtualization. Whether you are new to malware analysis or have some experience, this book will help you get started with Cuckoo Sandbox so you can start analyzing malware effectively and efficiently.

Cuckoo Malware Analysis

Table of Contents

Cuckoo Malware Analysis

Credits

About the Authors

Acknowledgement

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers and more

Why Subscribe?

Free Access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Getting Started with Automated Malware Analysis using Cuckoo Sandbox

Malware analysis methodologies

Basic theory in Sandboxing

Malware analysis lab

Cuckoo Sandbox

Installing Cuckoo Sandbox

Hardware requirements

Preparing the host OS

Requirements

Install Python in Ubuntu

Setting up Cuckoo Sandbox in the Host OS

Preparing the Guest OS

Configuring the network

Setting up a shared folder between Host OS and Guest OS

Creating a user

Installing Cuckoo Sandbox

cuckoo.conf

<machinemanager>.conf

processing.conf

reporting.conf

Summary

2. Using Cuckoo Sandbox to Analyze a Sample Malware

Starting Cuckoo

Submitting malware samples to Cuckoo Sandbox

Submitting a malware Word document

Submitting a malware PDF document – aleppo_plan_cercs.pdf

Submitting a malware Excel document – CVE-2011-0609_XLS-SWF-2011-03-08_crsenvironscan.xls

Submitting a malicious URL – http://youtibe.com

Submitting a malicious URL – http://ziti.cndesign.com/biaozi/fdc/page_07.htm

Submitting a binary file – Sality.G.exe

Memory forensic using Cuckoo Sandbox – using memory dump features

Additional memory forensic using Volatility

Using Volatility

Summary

3. Analyzing the Output of Cuckoo Sandbox

The processing module

Analyzing an APT attack using Cuckoo Sandbox, Volatility, and Yara

Summary

4. Reporting with Cuckoo Sandbox

Creating a built-in report in HTML format

Creating a MAEC Report

Exporting data report analysis from Cuckoo to another format

Summary

5. Tips and Tricks for Cuckoo Sandbox

Hardening Cuckoo Sandbox against VM detection

Cuckooforcanari – integrating Cuckoo Sandbox with the Maltego project

Installing Maltego

Automating e-mail attachments with Cuckoo MX

Summary

Index
