Nikhil Hegde

Vestigium

Category: Threat Detection / Intelligence

April 2, 2020 Threat Detection / Intelligence

Clustering Malware based on Printable Strings and Dynamic API Calls

In my experience of analyzing malware, the high-level process has always been straightforward. Examine static attributes, run it in a

December 6, 2019 Threat Detection / Intelligence

Binary Similarity Measure using ssdeep

We have all used cryptographic hashes to determine the integrity of files. You may have a preference for MD5, SHA256, SHA512,

November 11, 2019 Threat Detection / Intelligence

Honeypot, Malware and Splunk

Many articles in my blog are dedicated to malware analysis. All of the articles involve downloading the malware from malware

October 24, 2019 Threat Detection / Intelligence

Learning Splunk Rules by Analyzing iptables Firewall Logs

The 21st century is the age where information is power. This information comes in various forms of machine data which
