SUNBURST SolarWinds Hunting - Malware Internals , Backdoor Stages, DGA Analysis and RECON скачать в хорошем качестве

SUNBURST SolarWinds Hunting - Malware Internals , Backdoor Stages, DGA Analysis and RECON

In this video we talk about Hunting , DGA Analysis and RECON with respect to SUNBURST #malware. Checkout this link for Episode 1 :    • SUNBURST SolarWinds Malware Analysis - Too...   1. We look in more detail at the steps on how you can utilize the IOC and TTP for effective Hunting and IR 2. We look at the OSINT recon we can do on the C2 domain to gather PassiveDNS data 3. We examine how the structure of those DNS requests and how they can be reverse-engineered to identify potential victims. 4. We will looking into the internals of the DGA code implementation in the Sunburst backdoor and its Stages 5. We will also looking at the NETRESEC team decoder on analyzing teh PDNS data and how you can extract the AV products and STAGE2 info using the free tool developed and released by the Netresec team 6. Finally we will reviewing the MITRE attack steps involving the Sunburst Backdoor and the Closing Words There are some super-smart people analysing this malware and I thank for their awesome Contribution , so please check out the following links, write-ups and tools: Links: ========== https://www.fireeye.com/blog/threat-r... https://mp.weixin.qq.com/s/v-ekPFtVNZ... https://www.microsoft.com/security/bl... https://github.com/fireeye/sunburst_c... DGA Write-Ups ============= https://www.netresec.com/?page=Blog&m... https://www.netresec.com/?page=Blog&m... https://www.netresec.com/?page=Blog&m... https://blog.prevasio.com/2020/12/sun... DGA Decoder and PassiveDNS =============================== https://www.netresec.com/files/Sunbur... https://github.com/bambenek/research/... THANKS ======= If you LIKED this video, please hit the THUMBS UP. If you LOVED it, please SUBSCRIBE!