SEARCH RESULTS
 
Showing 1-4 of 4 records
1
 
Expand article

RAPIER featured in SANS Ask The Expert Webcast

2008-03-16 15:51:00 by Russ McRee in HolisticInfoSec.org
 
...RAPIER during a SANS Ask The Expert Webcast Malcode Analysis and Response: Proficiency vs. Complexity on March 20th, 2008 The threat landscape changes constantly, driven in part by the "bot economy" and changing malcode techniques. In response, incident handler techniques must keep pace. This presentation will cover the use of RAPIER, a...
 
Tags: response, incident response practices, incident, rapier, incident handler techniques, response procedures, expert webcast, information, information security event
 
 
 
 
Expand article

Malware analysis tools

2007-12-26 11:54:00 by Russ McRee in HolisticInfoSec.org
 
...RAPIER 3.2 , Wireshark , Mandiant Red Curtain (MRC) , and the Systinternals tools Check the toolsmith page for articles on Wireshark , MRC , and RAPIER use as well Required reading from the "The Godfather of RE", Lenny Zeltser , includes his Reverse Engineering Malware paper
 
Tags: tools, api-logger, includes api-logger output, includes, malware analysis, toolsmith page, toolsmith, mandiant red curtain, systinternals tools
 
 
 
 
Expand article

Holiday Storm Part 3

2007-12-26 23:43:00 by Russ McRee in HolisticInfoSec.org
 
...RAPIER , discovered darker voodoo than the last two versions Scanning File System For Hidden Files Scanning Drive C 1 C:WINDOWSsystem32cleanmgr.exe Hidden From API 2 C:WINDOWSsystem32clean.config Hidden From API 3 C:WINDOWSsystem32clean6c9-3320.sys Hidden From API 4 C:WINDOWSsystem32dllcachecleanmgr.exe Hidden From API SysAnalyzer says ...
 
Tags: kernel31 api log, log, api, zhelatin-asx, sys, asx, rootkit, helios rootkit detector, zhelatin
 
 
 
 
Expand article

Live from the 20th Annual FIRST Conference

2008-06-26 08:53:00 by Russ McRee in HolisticInfoSec.org
 
...RAPIER I've also been advised of some tools for your consideration, to aid in the security analysis / incident response cause, as well as possible topics for toolsmith Take a look at these, if you aren't already familiar with them BitBlaze - Binary Analysis for COTS Protection and Malicious Code Defense F-Response - The First Truly Vendor...
 
Tags: steve mancini, volatility, volatility framework, anti-virus industry sucks, total unknown, maltego, par osterberg medina, vendor agnostic solution, total
 
 
 
 
 
Showing 1-4 of 4 records
1
 
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia