Description: Presentation Materials: http://conference.hitb.org/hitbsecconf2012ams/materials/
Cuckoo Sandbox is an open source automated malware analysis system. It started as a Google Summer of Code 2010 project with The Honeynet Project and evolved into being one of the most appreciated and popular open source sandbox solutions.
It's goal is to provide a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment. It's mostly used to analyze Windows executables, DLL files, PDF documents, Office documents, PHP scripts, Python scripts, Internet URLs and almost anything else you can imagine. In this presentation we'll discuss about open source sandboxing, we'll dive into the design and development of Cuckoo and we'll kick off from regular usage and move into more juicy experiments, playing with APTs, exploits and banking trojans of every flavor.
ABOUT CLAUDIO GUARNIERI
Claudio is a Security Researcher at iSIGHT Partners, where he is daily involved with malwares, botnets, cybercrime and general Internet badness. After work, he usually enjoys some relax time still on malwares and botnets while being core member of The Shadowserver Foundation and of The Honeynet Project. In the renounced sleep time he develops an open source malware analysis sandbox called Cuckoo Sandbox and maintains Malwr.com.
Tags: securitytube , hack in the box , hacking , hackers , information security , convention , computer security , HITB 12 , HITB-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.