Forensic Campus - "Malware Analysis Essentials using REMnux"
- Lenny Zeltser
- Monday, December 10th, 7:15pm - 8:15pm
Though some tasks for analyzing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools. REMnux is an Ubuntu distribution that incorporates many such utilities. This practical session presents some of the most useful REMnux tools. Lenny Zeltser, who teaches SANS' reverse-engineering malware course, will share how you can use the utilities installed on REMnux to:
- Study network interactions of malicious programs
- Analyze malicious websites and obfuscated JavaScript
- Examine malicious PDF documents
- Explore important aspects of suspicious Windows executables
- Identify malware artifacts in memory snapshot files
If you haven't experimented with Linux-based tools for malware analysis, you've been missing out. And if you've been meaning to begin exploring the field of malware analysis, this talk will help you get started.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
Sunday, December 9
| Session | Speaker | Time | Type |
|---|---|---|---|
| General Session - Welcome to SANS | Dr. Eric Cole | Sunday, December 9th, 8:15am - 8:45am | Special Events |
| Future Trends in Network Security | Eric Cole, Ph.D. | Sunday, December 9th, 7:15pm - 9:15pm | Keynote |
Monday, December 10
| Session | Speaker | Time | Type |
|---|---|---|---|
| Forensic Campus Open House inviting non-attendees to reception | — | Monday, December 10th, 6:00pm - 7:00pm | Reception |
| Women in Technology Meet and Greet | — | Monday, December 10th, 6:30pm - 7:15pm | Reception |
| Top 8 Steps for Effective Mobile Security | Josh Wright, Ed Skoudis | Monday, December 10th, 7:00pm - 8:00pm | Special Events |
| Building a Portable Private Cloud | Paul Henry | Monday, December 10th, 7:15pm - 8:15pm | SANS@Night |
| Forensic Campus - "Malware Analysis Essentials using REMnux" | Lenny Zeltser | Monday, December 10th, 7:15pm - 8:15pm | SANS@Night |
| Gone In 60 Minutes | David Hoelzer | Monday, December 10th, 8:15pm - 9:15pm | SANS@Night |
| Forensic Campus - "Detecting Persistence Mechanisms" | Alissa Torres | Monday, December 10th, 8:15pm - 9:15pm | SANS@Night |
Tuesday, December 11
| Session | Speaker | Time | Type |
|---|---|---|---|
| Vendor Expo | — | Tuesday, December 11th, 12:00pm - 1:30pm Tuesday, December 11th, 5:00pm - 7:00pm |
Vendor Event |
| Unleashing the Dogs of (cyber) War | Ed Skoudis | Tuesday, December 11th, 6:30pm - 8:30pm | SANS@Night |
| SANS Technology Institute Open House | Chancellor Toby Gouker | Tuesday, December 11th, 7:15pm - 8:15pm | Special Events |
| Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be | Heather Mahalik | Tuesday, December 11th, 7:15pm - 8:00pm | SANS@Night |
| SANS Technology Institute Master's Presentation | Jim Horwath | Tuesday, December 11th, 8:15pm - 8:55pm | Special Events |
| Gamification: Hacking Your Brain for Better Learning | Yori Kvitchko | Tuesday, December 11th, 8:30pm - 9:30pm | SANS@Night |
Wednesday, December 12
| Session | Speaker | Time | Type |
|---|---|---|---|
| GIAC Certification Program Overview | Scott Cassity | Wednesday, December 12th, 6:15pm - 7:00pm | Special Events |
| NetWars Tournament of Champions | Ed Skoudis, Yori Kvitchko | Wednesday, December 12th, 6:30pm - 9:30pm | Special Events |
| Why Our Defenses Are Failing Us. One Click is All it Takes... | Bryce Galbraith | Wednesday, December 12th, 7:15pm - 8:15pm | SANS@Night |
| Securing the Kids | Lance Spitzner | Wednesday, December 12th, 7:15pm - 8:15pm | SANS@Night |
| Forensic Campus - "Intelligence-driven Response for Combating the Advanced Persistent Threat". | Mike Cloppert | Wednesday, December 12th, 7:15pm - 8:15pm | SANS@Night |
| Information Assurance Metrics: Practical Steps to Measurement | James Tarala | Wednesday, December 12th, 8:15pm - 9:15pm | SANS@Night |
| Tactical SecOps: A Guide to Precision Security Operations | Kevin Johnson | Wednesday, December 12th, 8:15pm - 9:15pm | SANS@Night |
| Securing the Human | Lance Spitzner | Wednesday, December 12th, 8:15pm - 9:15pm | SANS@Night |
| Forensic Campus - "How memory forensics will help you lose weight and look ten years younger" | Jesse Kornblum | Wednesday, December 12th, 8:15pm - 9:15pm | SANS@Night |
Thursday, December 13
| Session | Speaker | Time | Type |
|---|---|---|---|
| NetWars Tournament of Champions | Ed Skoudis, Yori Kvitchko | Thursday, December 13th, 6:30pm - 9:30pm | Special Events |
| What's New in Server 2012 and Windows 8 | Jason Fossen | Thursday, December 13th, 7:15pm - 8:45pm | SANS@Night |
| Security Onion: One Step Closer to a Safer Network with Almost no Budget | Chris Mohan | Thursday, December 13th, 7:15pm - 8:15pm | SANS@Night |
| SANS Technology Institute Master's Presentation | Michael Hoehl | Thursday, December 13th, 7:15pm - 7:55pm | Special Events |
