Chapter 5. Good versus Evil – Ogre Wars
In this chapter, we will cover the following topics:
- Linux configuration for network traffic analysis
- XOR deobfuscation
- Malicious web script analysis
- Bytecode decompilers
- Document analysis
- Redline – malware memory forensics
- Malware intelligence
The battle never ends, and fighting malware is like trying to kill a multi-headed Hydra. The tools are dual-natured, both offense and defence keep progressing, and the methods keep being reinvented. A few features also keep recurring:
- Regression: Repeating an old attack against the uninitiated or unprepared is like catching the enemy unawares, and hence is an effective technique.
- Redundancy: Using NOP sleds in shellcode, for instance, is like buying insurance and ensures that ...