Difference between pages "Organizations" and "Malware analysis"

From ForensicsWiki
 
(External Links)
 
Line 1: Line 1:
= International Organisations =
+
Analyzing [[malware]], or malicious software, is more of an art than a technique. Because of the wide nature of these products, there are limitless ways to hide functionality.
  
* [http://www.interpol.int/Public/TechnologyCrime/default.asp INTERPOL IT Crime Unit]
+
Some common tools for malware analysis include simple programs like [[strings]]. More complex analysis can be conducted by looking at the headers of executables with programs like [[PEiD]] and [[PeExplorer]]. Finally, the most complete analysis can be done with debuggers like [[IDA Pro]] and [[OllyDbg]].
  
= US Government =
+
== See Also ==
 +
* [[Malware]]
 +
* [[List of Malware Analysis Tools]]
  
* [http://cybercrime.gov/ Computer Crime and Intellectual Property Section of the Department of Justice]
+
== External Links ==
* [http://www.ctin.org Computer Technology Investigators Network]
+
* [http://nakedsecurity.sophos.com/2013/10/11/anatomy-of-an-exploit-ie-zero-day-part-1/ Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 1], by Paul Ducklin on October 11, 2013
* [http://www.ojp.usdoj.gov/nij/ National Institute of Justice]
+
* [http://nakedsecurity.sophos.com/2013/10/25/anatomy-of-an-exploit-inside-the-cve-2013-3893-internet-explorer-zero-day-part-2/ Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 2], by Paul Ducklin on October 25, 2013
* [http://ncfs.ucf.edu/home.html National Center for Forensic Science]
+
* [http://spresec.blogspot.com /2014/03/uroburos-rootkit-hook-analysis-and.html?m=1 Uroburos Rootkit Hook Analysis and Driver Extraction], SP Security Blog, March 20, 2014
* [http://www.cftt.nist.gov/ National Institute of Standards and Technology, Computer Forensic Tool Testing]
+
* [http://www.dc3.mil/dc3/dc3.htm Department of Defense Cyber Crime Center]
+
* Department of [[Defense Cybercrime Center]]
+
* [http://www.rcfl.gov/ FBI Regional Computer Forensic Laboratory Program]
+
* [http://www.osi.andrews.af.mil/ Air Force Office of Special Investigations]
+
  
= Trade Organizations =
+
[[Category:Malware]]
 
+
* [http://www.naidonline.org/ National Association for Information Destruction]
+
 
+
= Professional Organizations =
+
 
+
* [http://www.sans.org/ The SANS Institute]
+
* [http://www.htcia.org/ High Technology Crime Investigation Association]
+
* [http://www.cops.org/ International Association of Computer Investigative Specialists]
+
* [http://www.rcfg.org/ Regional Computer Forensic Group]
+
* [http://www.htcn.org/ High Tech Crime Network]
+
* [http://www.aafs.org/ American Academy of Forensic Science] The AAFS Board of Directors has approved the creation of the Digital and Multi-media section, which will be voted upon during the AAFS business meeting (during the annual meeting) in Feb 2008.
+
* [http://www.infoperitos.com/ Infoperitos - Computer Expert Witness Group from the Spanish Computer Engineers Association]
+
 
+
= Non-profit =
+
* [http://www.digitalforensicsassociation.org/ Digital Forensics Association (DFA)]
+
 
+
[[Category:Organizations]]
+
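Review bot: the added Uroburos entry under External Links has a space inside the URL ("spresec.blogspot.com /2014/03/"), so MediaWiki will end the link target at the host name and treat the rest of the path as part of the link label. Remove the space so the link resolves to the post itself.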

Revision as of 04:17, 21 March 2014

Analyzing malware, or malicious software, is more of an art than a technique. Because malicious software varies so widely, there are limitless ways to hide functionality.

Some common tools for malware analysis include simple programs like strings. More complex analysis can be conducted by looking at the headers of executables with programs like PEiD and PeExplorer. Finally, the most complete analysis can be done with debuggers like IDA Pro and OllyDbg.

See Also

External Links