Throughout the book, there are labs that are designed to help you in your quest to analyze malware. This appendix lists all the laboratories contained in the book.
LAB 7-1: Extracting and Copying Drivers to the Windows 7 Installation Media
LAB 7-2: Creating a Bootable USB Stick Windows 7 Installer
LAB 7-3: Creating a Bootable USB Stick Windows 7 Installer Using the Windows 7 USB/DVD Download Tool
LAB 7-4: Protecting Firefox Using Built-in Options
LAB 7-5: Protecting Firefox Using Add-ons and Plug-ins
LAB 7-6: Creating a Virtualized Ubuntu Desktop Using VMware Player
LAB 7-7: Creating a Virtualized Ubuntu Desktop Using VirtualBox
LAB 8-1: Installing VMware Player in Ubuntu
LAB 8-2: Uninstalling VMware Player in Ubuntu
LAB 8-3: Installing VirtualBox in Ubuntu
LAB 8-4: Uninstalling VirtualBox in Ubuntu
LAB 8-5: Disabling Automatic Updates in Windows 7
LAB 8-6: Disabling User Account Control in Windows 7
LAB 8-7: Making Internet Explorer Malware Friendly
LAB 8-8: Making Mozilla Firefox Malware Friendly
LAB 8-9: Making Google Chrome Malware Friendly
LAB 8-10: Making Microsoft Office Malware Friendly
LAB 8-11: Making Adobe Reader Malware Friendly
LAB 8-12: Setting a Non-persistent Image in VirtualBox
LAB 8-13: Setting a Non-persistent Image in VirtualBox Using the Command Line
LAB 8-14: Creating a Non-persistent Bare-Metal System Using Deep Freeze Standard
LAB 8-15: Creating a Clonezilla Live in USB Flash Drive
LAB 8-16: Backing Up a Partition Using Clonezilla Live
LAB 8-17: Restoring a Partition Using Clonezilla Live
LAB 9-1: Using Dependency Walker to Determine a PE File’s Dependencies
LAB 9-2: Installing pefile in Ubuntu
LAB 9-3: Using a Python Script to Display PE Header Information
LAB 9-4: Installing and Utilizing pedump
LAB 9-5: Using a Python Script to Display PE Section Information
LAB 9-6: Using a Python Script to Display PE Import Information
LAB 9-7: Using a Python Script to Display PE Export Information
LAB 9-8: Using a Python Script to Display All PE Information
LAB 10-1: Installing and Using p7zip
LAB 10-2: Creating a Private and Public Key Pair
LAB 10-3: Setting the Key as the Default
LAB 10-4: Uploading Your Key to Ubuntu Keyserver
LAB 10-5: Backing Up and Restoring Your Key Pair
LAB 10-7: Unrevoking a Key Pair
LAB 10-8: Changing the Expiration Date of a Key Pair
LAB 10-9: Encrypting and Decrypting a File Using GnuPG
LAB 10-10: Encrypting a File with the Public Key of the Intended Recipient
LAB 11-1: Using a Python Script to Compute MD5 and SHA-1
LAB 11-3: Using a Python Script That Identifies File Type
LAB 11-4: Getting Started with the VirusTotal Public API
LAB 11-5: Using ClamAV for File Scanning
LAB 11-6: Using ClamTK for File Scanning
LAB 11-7: Writing a Signature for ClamAV
LAB 11-8: Packing a File Using UPX
LAB 11-9: Using a Python Script to Identify Packed Binaries
LAB 11-10: Extracting Strings from Files (Ubuntu)
LAB 11-11: Extracting Strings from Files (Windows)
LAB 12-1: Detecting System Changes Using InstallRite
LAB 12-2: Detecting System Changes Using Uninstall Tool
LAB 12-3: Analyzing Running Processes in Memory Using Process Explorer
LAB 12-4: Quickly Inspecting Whether a Process Is Persistent
LAB 12-5: Analyzing Network Behavior Using TCPView
LAB 12-6: Analyzing Network Behavior Using Wireshark
LAB 13-2: Creating a Yara Rule
LAB 13-3: Installing Yara Support for Python
LAB 13-4: Using a Python Script That Utilizes Yara Rules
LAB 13-6: Manually Unpacking a Packed Malware
LAB 13-7: Analyzing a User Mode Rootkit