Hacking Malware: Offense is the new Defense
The slides and videos from the Offensive Computing presentation at Defcon 14 are now available. In our talk we demoed several new tools, including a generic virtual machine detector. This VM detector tries a variety of methods, including the new machine status word (MSW) method. This will allow you to generically detect virtual machines regardless of whether acceleration is enabled.
- Further Down the VM Spiral - Paper describing the new VM detection techniques
- VMDetect tool C Source, EXE - Implementation of the VM concepts we spoke about
- Hacking Malware: Offense is the new Defense
- Sasser FTPD Metasploit Exploit Module