Difference between pages "Malware" and "GRR"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Exploit Kit)
 
(Publications)
 
Line 1: Line 1:
'''Malware''' is a short version of '''Malicious Software'''.
+
{{Infobox_Software |
 +
  name = Rekall |
 +
  maintainer = [[Darren Bilby]] and others |
 +
  os = {{Cross-platform}} |
 +
  genre = {{Incident response}} |
 +
  license = {{APL}} |
 +
  website = [https://code.google.com/p/grr/ code.google.com/p/grr/] |
 +
}}
  
Malware is software used for data theft, device damage, harassment, etc. It is very similar to computer malware. It installs things such as trojans, worms, and botnets to the affected device. It is illegal to knowingly distribute malware.
+
GRR is an Incident Response Framework focused on Remote Live Forensics.
  
== Virus ==
+
= See also =
A computer program that can automatically copy itself and infect a computer.
+
* [[rekall]]
  
== Worm ==
+
= External Links =
A self-replicating computer program that can automatically infect computers on a network.
+
* [https://code.google.com/p/grr/ Project site]
 +
* [https://code.google.com/p/grr/wiki/ProjectFAQ Project FAQ]
 +
* [http://grr.googlecode.com/git/docs/index.html Documentation]
  
== Trojan horse ==
+
== Publications ==
A computer program which appears to perform a certain action, but actually performs many different forms of codes.
+
* [http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/37237.pdf Distributed forensics and incident response in the enterprise], by [[Michael Cohen]], [[Darren Bilby]], G. Caronni. Digital Investigation, 2011.
 +
* [https://googledrive.com/host/0B9hc84IflFGbN2IwMTUyYTUtMTU0Mi00ZWQ3LWFhNDktM2IyMTg5MmY3OWI0/Hunting%20in%20the%20Enterprise:%20Forensic%20Triage%20and%20Incident%20Response Hunting in the enterprise: Forensic triage and incident response], by [[Andreas Moser], [[Michael Cohen]], Digital Investigation, 2013.
  
== Spyware ==
+
== Presentations ==
A computer program that can automatically intercept or take partial control over the user's interaction.
+
* [https://googledrive.com/host/0B1wsLqFoT7i2N3hveC1lSEpHUnM/Docs/GRR%20Rapid%20Response%20-%20OSFC%202012.pdf OSDFC 2012 GRR Overview], by [[Darren Bilby]]
  
== Exploit Kit ==
+
== Workshops ==
A toolkit that automates the exploitation of client-side vulnerabilities, targeting browsers and programs that a website can invoke through the browser.
+
* [https://drive.google.com/?usp=chrome_app#folders/0B1wsLqFoT7i2eU1jU0JldW9JUU0 OSDFC workshop 2013] , by [[Darren Bilby]]
 
+
== See Also ==
+
== External Links ==
+
* [http://en.wikipedia.org/wiki/Malware Wikipedia entry on malware]
+
* [http://www.viruslist.com/ Viruslist.com]
+
* [http://code.google.com/p/androguard/wiki/DatabaseAndroidMalwares Androguard]: A list of recognized Android malware
+
 
+
=== Exploit Kit ===
+
* [http://blog.zeltser.com/post/1410922437/what-are-exploit-kits What Are Exploit Kits?], by [[Lenny Zeltser]], October 26, 2010
+
* [http://nakedsecurity.sophos.com/2013/07/02/the-four-seasons-of-glazunov-digging-further-into-sibhost-and-flimkit/ The four seasons of Glazunov: digging further into Sibhost and Flimkit], by Fraser Howard on July 2, 2013
+
 
+
[[Category:Malware]]
+

Revision as of 14:20, 12 January 2014

Rekall
Maintainer: Darren Bilby and others
OS: Cross-platform
Genre: Incident Response
License: APL
Website: code.google.com/p/grr/

GRR is an Incident Response Framework focused on Remote Live Forensics.

Contents

See also

External Links

Publications

Presentations

Workshops