conf.directory

DEF CON Safe Mode Demo Labs - Tamoaki Tani - malconfscan with cuckoo

About this talk

"MalConfScan with Cuckoo" is a tool for automatically extracting configuration data from known Windows and Linux malware. It works as a plug-in for Cuckoo Sandbox, a leading open-source automated malware analysis system. Installing this plug-in on Cuckoo lets you dump malware configuration data automatically. This is a unique feature compared to other commercial sandbox products. It supports extracting configuration data from more than 30 Windows and Linux malware families. It can also be used as a memory forensics tool for Windows and Linux, as a Volatility plug-in. It helps to detect known/unknown malware and extract configuration data from memory images.
