Combating Malicious Software

These articles and notes describe my perspective on malware threats and associated defensive techniques. Join the fight by learning how to combat malicious software.

Combating Malware in the Enterprise Course

SANS' 2-day Combating Malware in the Enterprise course, which I co-authored, presents a practical approach to discovering and mitigating malware threats in an enterprise environment.

5 Steps to Building a Malware Analysis Toolkit Using Free Tools

Examining the capabilities of malicious software allows your IT team to better assess the nature of a security incident, and may help prevent further infections. Here's how to set up a controlled malware analysis lab—for free.

Analyzing Malicious Documents Cheat Sheet

This cheat sheet outlines tips and tools for reverse-engineering malicious documents, such as Microsoft Office (DOC, XLS, PPT) and Adobe Acrobat (PDF) files.

What to Include in a Malware Analysis Report

This note summarizes my recommendations for what to include in the report that describes the results of the malware analysis process.

Updates from Twitter Users Who Cover Malware

I maintain a list of Twitter users whose updates focus on malicious software threats and defenses. You can use this page to read the latest updates from these individuals.

On-Line Tools for Malicious Website Lookups

Several organizations offer free on-line tools for looking up a potentially malicious website. Some of these tools provide historical information; others examine the URL in real time to identify threats.

Blocklists of Suspected Malicious IPs and URLs

Several organizations maintain and publish blocklists/blacklists of IP addresses and URLs of systems and networks suspected of malicious activity on-line. This brief note mentions several such publicly-available lists.

Automated Malware Analysis Services

This brief note provides a listing of freely-available services that automate key behavioral analysis tasks for malicious software.

Stopping Malware on its Tracks

This article presents recommendations for addressing the risks associated with modern malware. Stopping malware requires an approach grounded in awareness and control.

Reverse-Engineering Cheat Sheet

This is a cheat sheet of shortcuts and tips for reverse-engineering malware. It covers the general malware analysis process, as well as useful tips for OllyDbg, IDA Pro, and other tools.

Using VMware for Malware Analysis

This article describes an approach to using VMware virtualization for setting up a malware analysis sandbox.

Reverse-Engineering Malware Paper

This paper defines a framework for using easily-accessible tools and a dual-phased approach to examine malware such as viruses, worms, and trojans.

The Evolution of Malicious Agents

This article examines the evolution of malicious agents by analyzing popular viruses, worms, and trojans, and detailing the possibility of a new breed of malicious software.