‹ ALL BLOGS
Alien Labs

Ossim: Shellcode Detection and Analysis

March 10, 2009 | Jaime Blasco

I’m glad to announce a new feature we have added to forensic console. We use libemu to make shellcode detection and analysis to help on forensic analysis and reduce false positives, an example:

 

be_ixf;ym_202003 d_29; ct_50
  • be_ixf; php_sdk; php_sdk_1.4.26
  • https://cybersecurity.att.com/blogs/labs-research/ossim-shellcode-detection-and-analysis
  • https://cybersecurity.att.com/blogs/labs-research/ossim-shellcode-detection-and-analysis
Jaime Blasco

About the Author: Jaime Blasco

Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AT&T Cybersecurity, Jaime leads the Alien Labs Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AT&T, Jaime was Chief Scientest at AlienVault. Prior to that, he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.

Read more posts from Jaime Blasco ›

TAGS: ossim, attacks, libemu, directives, correlation, shellcodes

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Twitter LinkedIn Facebook Reddit
Watch a Demo ›
Get Price Free Trial

Hello! We use cookies to provide you with a great user experience. By using our website, you agree to our Privacy Policy & Website Terms of Use.