Shortcuts for Understanding Malicious Scripts

SANS Digital Forensics and Incident Response

You are being exposed to malicious scripts in one form or another every day, whether it be in email, malicious documents, or malicious websites. Many malicious scripts at first glance appear to be impossible to understand. However, with a few tips and some simple utility scripts, you can deobfuscate them in just a few minutes. In this webcast, you will learn how to cut through the obfuscation techniques the script authors use and not spend a lot of time doing it. Evan will demonstrate how to quickly deobfuscate a variety of malicious scripts. The slides, samples and the utility scripts that he wrote to deobfuscate malicious scripts can be downloaded here: dfir.to/Malici...
To learn more about the FOR610: Reverse Engineering class visit: www.sans.org/F...
Speaker Bio
Evan Dygert
Evan Dygert is a consultant (Dygert Consulting, Inc.) with over 30 years of experience in software development in areas including compilers, databases, finance, insurance, computer networking and security, and software security. He is experienced in many computer languages including Java, Pascal, C/C++, assembly language, and Python. Since 2005, Evan has also performed digital forensics, computer security, and expert witness work. Evan has written expert reports, affidavits, and declarations and testified in multiple depositions, a federal hearing, and a trial. Evan has presented at BSides Orlando, SANS@Night, OWASP AppSec USA and the (ISC)2 Security Congress. He has earned 15 GIAC certifications, including the prestigious GSE. In addition, he holds the CISSP, CCE, and CEHv8 certifications. Evan enjoys teaching others about security and mentors local high school CyberPatriot teams. His teams have competed in the CyberPatriot National Finals three times. Evan earned a B.S. in Computer Science from Brigham Young University and an MBA from Rollins College. He has completed the coursework for a Ph.D. in Computer Information Systems and will earn his Ph.D. upon completion of the dissertation.
