Lecture 04 - Attacking On Network Devices
Acknowledgements:
The contents are compiled from:
• S. Halder and S. Ozdemir (2018). Hands-On Machine Learning for Cybersecurity: Safeguard your system by making your machines intelligent using the Python ecosystem. Packt Publishing.
• Monnappa K A (2018). Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware. Packt Publishing.
• Andrew Whitaker and Daniel P. Newman (2006). Penetration Testing and Network Defense. Cisco Press.
Recall of Spoofing and Session Hijacking in Week 3 Lecture
• Reconnaissance and open source intelligence tools
• Phishing/Spoofing concepts
• ARP, IP and DNS spoofing; advanced spoofing frameworks
• Session hijacking and TCP/IP hijacking
• How attackers can capture and analyze traffic by placing a packet sniffer, with a real-time example incorporating WIL to learn varied tools.
Phase 1 – Reconnaissance
Phase 2 – Initial compromise
Phase 3 – Command and control
Phase 4 – Lateral movement
Phase 5 – Target attainment
Phase 6 – Exfiltration, corruption, and disruption
• Virus or Worm
• Trojan
• Backdoor / Remote Access Trojan (RAT)
• Adware
• Botnet
• Information stealer
• Ransomware
• Rootkit
• Downloader or dropper
• Static analysis
• Dynamic analysis (Behavioral Analysis)
• Code analysis
• Memory analysis (Memory forensics)
– Integrating different analysis techniques can reveal a wealth of contextual information, which will prove to be valuable in your malware investigation.
April 2020 Compiled by Dr Ajay Shiv Sharma 29
Static Analysis
On Linux systems, to look for the file signature, the xxd command can be used, which generates a hex dump of the file as shown here:
$ xxd -g 1 log.exe | more
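The xxd dump above is read by eye: the first bytes of the file are compared against known magic values (for a Windows executable, "MZ" at offset 0 and "PE\0\0" at the offset stored in e_lfanew at 0x3C). The following script is an added example, not code from the lecture or from the cited books, that automates that same triage step: it classifies a file by its leading magic bytes, validates the PE signature, and prints an xxd -g 1 style dump. The SAMPLE_PE bytes are a constructed stand-in for log.exe, and the SIGNATURES table is an illustrative subset chosen here, not an exhaustive list.

```python
"""Static-analysis triage: file-signature check and hex dump (added example)."""
import struct

# Well-known magic bytes checked during static triage (illustrative subset).
SIGNATURES = {
    b"MZ": "DOS/PE executable (MZ header)",
    b"\x7fELF": "ELF executable",
    b"%PDF": "PDF document",
    b"PK\x03\x04": "ZIP archive (also docx/xlsx/jar/apk)",
    b"\x89PNG\r\n\x1a\n": "PNG image",
}


def identify_signature(data: bytes) -> str:
    """Return a description of the file type based on its leading magic bytes.
    Longer signatures are tested first so a short prefix cannot shadow a longer one."""
    for magic, desc in sorted(SIGNATURES.items(), key=lambda kv: -len(kv[0])):
        if data.startswith(magic):
            return desc
    return "unknown"


def pe_header_offset(data: bytes):
    """For an MZ file, read e_lfanew (little-endian DWORD at 0x3C) and confirm the
    'PE\\0\\0' signature at that offset. Returns the offset, or None if not a valid PE.
    A renamed or truncated file (e.g. a .txt extension on an .exe) is caught here."""
    if len(data) < 0x40 or not data.startswith(b"MZ"):
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 4 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return None
    return e_lfanew


def hexdump(data: bytes, width: int = 16) -> str:
    """Produce an xxd -g 1 style dump: offset, one-byte hex groups, ASCII column."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        asciipart = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:08x}: {hexpart:<{width * 3 - 1}}  {asciipart}")
    return "\n".join(lines)


# Constructed stand-in for log.exe: an MZ stub whose e_lfanew points at a
# PE signature placed at offset 0x40, followed by the i386 machine field.
SAMPLE_PE = (
    b"MZ" + b"\x90" * (0x3C - 2) + struct.pack("<I", 0x40)
    + b"PE\x00\x00" + b"\x4c\x01"
)

if __name__ == "__main__":
    print("Type:", identify_signature(SAMPLE_PE))
    print("PE header at offset:", pe_header_offset(SAMPLE_PE))
    print(hexdump(SAMPLE_PE[:32]))
```

Running the script on a real sample only requires replacing SAMPLE_PE with `open(path, "rb").read()`; the dump output lines up with xxd -g 1 so the two can be compared side by side.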