SKLABs 2012

Malicious PDF file analysis

  Lab name  

Malicious PDF file analysis

  Lab level  

Professional

  Lab description  

We will show attendees a real scenario in which a malicious PDF is used in targeted attacks. We will then explain the steps of malicious PDF analysis:
• Extracting embedded JavaScript from the PDF.
• De-obfuscating JavaScript.
• Extracting shellcode.
• Creating and analyzing a shellcode executable.

   
  Prerequisites for students  

• Basic information security concepts.
• Laptop with VMplayer installed.

   
  Number of slots
(Slot=1.5 hr)
 

1 slot

       
  Instructor Name  

Mohamed Abdel-Latief and Ghareeb Saad Eldin

Instructor Credentials
   
     
  Company Name  

Egyptian CERT

  Company Description /Products/contact    
     

EG-CERT was established as part of the National Telecom Regulatory Authority (NTRA).
EG-CERT is charged with providing computer and information security incident response, support, defense and analysis against cyber-attacks and collaboration with government, financial entities and any other critical information infrastructure sectors scoped to Egypt.
Our mission is to provide an early warning system against malware spreading and massive attacks against the Egyptian critical information infrastructure.

© 2012 BlueKaizen.org
Security Kaizen Labs 2012