Malware Analysis with SecurityOnion (Video)

This video demonstrates how one could use the SecurityOnion distribution to analyze a pcap, captured during a malware infection. This video will demonstrate this by using tcpreplay to "replay" a pcap of an Angler EK infection. Using various tools provided in the SecurityOnion distribution you will discover the chain of events that led up to the compromise.

Tools used are SecurityOnion, SGUIL, WHOIS, SNORT, ELSA, BRO and more

PCAP provided by http://www.malware-traffic-analysis.net/

More videos: https://github.com/Security-Onion-Solutions/security-onion/wiki/Videos

This video is a demo used in the workshops of the CyberSecurity Operations Networking Academy course.

Posted at 03:25 PM in CyberSecurity, Security, Video, Workshop | Permalink

Comments

You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)

Name is required to post a comment

Please enter a valid email address

Invalid URL

vzw BiASC asbl

Categories

Thursday, 28 December 2017