Research, Paper and Presentation

Comprehensive Blended Malware Threat Dissection Analyze Fake Anti-Virus Software and PDF Payloads (28 Feb 2010)

Honeynet Challenge 2010 — Challenge 1 of the Forensic Challenge 2010 - pcap attack trace

SANS Forensics Contest — Candidates need to download a .pcap file and use, or even write, some awesome scripts to parse it and extract the relevant evidence. For us, we simply use Network Miner to extract the evidence. Of course, it is good to write a script for it. Other than that, you can find previous contests with customized, hand-made original scripts.

Whitepaper of Balance Pwn Trade Deficit — The paper is under review and more content will be added. Please stay tuned.