
DRAKVUF Sandbox: Open source, self-hosted malware sandbox in hypervisor

06.06.2022
Series: CONFidence


Please don’t be scared if you don’t know what “sandboxes” are for. The presentation will introduce some basic information and will feature some funny demos :) DRAKVUF Sandbox is a self-hosted, open source dynamic malware analysis system that uses cutting-edge monitoring techniques. Currently, it is the only open, actively developed system that uses the technique of virtual machine introspection (VMI). This technology makes it possible to analyze malware adapted to avoid regular sandboxes, and to monitor the actions a sample takes in the system in more depth. During the talk, we will briefly introduce DRAKVUF's ecosystem, explain what Virtual Machine Introspection is, how it differs from the regular approach to sandboxing, what unique challenges come with developing such systems, how analysts can benefit from it, and how to integrate it into your own malware processing pipeline.
