PyCon Finland 2015 Matteo Cafasso - Hunting Malware with Python
Worms, Trojans, botnets and ransomware. These bad guys are well known nowadays, but what do they look like?
I am gonna show one of the approaches IT Security experts employ to study these threats using open source Python technologies.
The presentation would be a live demo in which I'll execute some malware in a secure environment and show how it behaves and how to detect it.
I will show a sandboxing technology developed within F-Secure named Sandboxed Execution Environment (SEE). SEE is a Python framework for quickly building behavioural scanning engines.
SEE will be used together with other open source technologies to show some recent malware to the audience.
About the author: I am a software engineer working in F-Secure Labs. F-Secure Corporation is an IT security company based in Helsinki.
Among my duties, malware handling and analysis automation is one of the most interesting to me.
I develop and maintain the main behavioural scanning engines within the F-Secure back-end, and SEE is one of their core technologies.