conf.directory

DEF CON Safe Mode Demo Labs - Tamoaki Tani - malconfscan with cuckoo

Tamoaki TaniDEF CON
19:32
0 views
Published August 19, 2020

About this talk

"MalConfScan with Cuckoo" is a tool for automatically extracting known Windows and Linux malware's configuration data. MalConfScan with Cuckoo works as a plug-in for Cuckoo Sandbox. Cuckoo Sandbox is a leading open-source automated malware analysis system. You can automatically dump malware configuration data by installing this plug-in on Cuckoo. This is a unique feature compared to other commercial Sandbox products. It supports over 30+ Windows and Linux malware families to extract the configuration data. Also, it can be used for the memory forensics tool for Windows/Linux OS as a Volatility plug-in. It helps to detect known/unknown malware and extract configuration data from memory images.

Topics covered

Cuckoo Sandbox
Malware analysis
configuration extraction
Memory forensics
Volatility memory analysis framework

Stay Updated

Get notified about new features and conference additions.

Related Talks

The Art of Code - Dylan Beattie
01:00:49

The Art of Code - Dylan Beattie

Dylan Beattie
NDC Conferences
4,796,409 views
February 26 2020
Watch Now
What the heck is the event loop anyway? | Philip Roberts | JSConf EU
26:53

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

Philip Roberts
JSConf EU
3,551,387 views
October 9 2014
Watch Now
Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021
39:51

Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021

Simon Brown, Dave Farley & Hannes Lowette
GOTO Conferences
3,109,641 views
February 15 2022
Watch Now
DEF CON Safe Mode Demo Labs - Tamoaki Tani - malconfscan with cuckoo by Tamoaki Tani | conf.directory | conf.directory