Even for a larger incident response team, handling all of the repetitive tasks related to malware infections is tedious.
Our malware analysts have spent a lot of time chasing digital forensics from potentially infected Mac OS X systems, leveraging open source tools, like OSXCollector.
Examples of vulnerable applications will be analyzed in a live demonstration.
That is, a JSP/WAR/ASPX file is deployed on the server (just as a web shell would be), and a Python script is executed on the attacker's system which performs TCP port-forwarding through that deployed server-side component.
The tool also incorporates novel measures to make the network communication challenging to detect using traditional IDS/IPS/WAF-type systems. .NET editions of the server-side component will be included in the initial open source release, but porting the component to other web application servers should be straightforward.
The notebook will provide an interface for the ingestion of heterogeneous data and the ability to build a combination of behavior-based risk indicators combined with classic signatures.
Prototype examples of different risk profiles will be demonstrated with the API via a Spark notebook, but the libraries themselves should be usable in any Java-backed code base.