LRQA Nettitude Blog

Tom Wilson

Recent Posts

Context Triggered Piecewise Hashing To Detect Malware Similarity

Posted by Tom Wilson on Jun 30, 2015

At Nettitude we collect a large amount of malware binary samples, both from our Honeypot network, from our customers and from incident response. One of the first steps we take is to calculate the MD5 hash of the malware and compare this hash to known samples, while unknown samples can be examined further by an analyst.

Read More
0 Comments Click here to read/write comments

Topics: Security Blog, Uncategorized

Windows Inline Function Hooking

Posted by Tom Wilson on Mar 18, 2015

Hooking can be used by legitimate software for reverse engineering, for example, to examine the user mode function calls that a malicious program is making.

Read More
0 Comments Click here to read/write comments

Topics: Security Blog, Uncategorized

DLL Injection: Part Two

Posted by Tom Wilson on Mar 4, 2015

In a previous blog post I gave a high level overview of DLL injection, what it is used for and how it might be achieved.

Read More
0 Comments Click here to read/write comments

Topics: Security Blog, Uncategorized

DLL Injection: Part One

Posted by Tom Wilson on Feb 25, 2015

A High Level Overview

Read More
0 Comments Click here to read/write comments

Topics: Security Blog, Uncategorized

All posts

Subscribe Here!

About LRQA Nettitude

Through our connected portfolio of advanced cybersecurity solutions, LRQA Nettitude helps companies to identify and manage the vulnerabilities and threats that pose a risk to their business, building cybersecurity resilience and underpinning your business strategy with proactive measures.

Recent Posts

Posts by Tag

See all