A SANS Diarist (Daniel Wesemann) details going from a packet capture to binary recovery to malware investigation. I’m particularly keeping this for the packet cap to binary conversion. One of many ways to skin the cat (skin the cap?).
2 thoughts on “packet cap to binary from sans”
great find!
This reminds me of a great presentation on Malware discovery by Tom Liston.
Links here if you're interested.
http://www.chicagocon.com/images/stories/library/media_lab/2007/ChiCon07_Liston_FTBM-Live.ppt
and the audio
http://www.chicagocon.com/images/stories/library/media_lab/2007/ChiCon07_Liston_FTBM-Live.mp3
Regards
Lee
Awesome! I’m grabbing them now, thanks!