Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)

Filed under: Main Page — Administrator @ 10:55 am

Presentation Title: Computer Forensics and Incident Response: Bringing Sexy Back
Presentation Details:

Sexy isn’t the word that comes to mind these days when you think computer forensics. And why should it, when any junior analyst can sit in front of one of those expensive GUI tools and pick out kiddie porn.

Those tools, however, are pretty useless when it gets to the really sexy stuff like detecting injected shellcode running on a Windows box with no underlying file on disk. (Canvas and Meterpreter can both perform this attack.) Or how about the ability to read any logical file on the disk in real time no matter if the OS itself has it locked for exclusive access. Does this remind you of a time when all you wanted your anti-virus to do was tell you the contents of a suspicious file or allow you the ability to delete it?

This talk will cover using open source tools to build a better, sexier forensic capability. In addition, I will throw in some additional tricks of my own and use enough demo rope that I am sure to hang myself.

About Jamie

Mr. Butler is a highly respected member of the information security community with a decade of experience in Windows operating system security. Prior to joining MANDIANT, Jamie was the CEO of HBGary Federal. His experience also includes Windows Host Intrusion Detection development at Enterasys Networks and over five years of experience at the National Security Agency. He is the co-author and instructor of both the popular “Advanced 2nd Generation Digital Weaponry” course (recently taught at the 2006 BlackHat Training conference) and the “Offensive Aspects of Rootkit Technology” course, which has been taught in five countries.


