Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Virus Total Hunting - Botconf 2018

Thomas Roccia
December 05, 2018
Technology
0
210

Virus Total Hunting - Botconf 2018

This talk is about a tool created with the VT API version 3 to get information about the latest hunting notification. It has been given in December 2018 during the lightening talks.

Thomas Roccia

December 05, 2018
Tweet

More Decks by Thomas Roccia

See All by Thomas Roccia
Binary Instrumentation for Malware Analysis
fr0gger
2
1k
Conti Leaks: Practical walkthrough and what can we learn from it
fr0gger
0
660
Sharing is Caring: Sharing Threat Intelligence Notebook Edition
fr0gger
0
1.4k
Code Graphology
fr0gger
0
390
X-Ray of Malware Evasion Techniques: Analysis, Dissection, Cure?
fr0gger
3
650
AISA - Practical Threat Intelligence
fr0gger
0
1.1k
Hermetic Wiper Infographic
fr0gger
1
610
Technical Analysis of Cuba Ransomware
fr0gger
1
210
Sigma Rules Cheat Sheet
fr0gger
0
1.2k

Other Decks in Technology

See All in Technology
Turbinando Microsserviços com Distributed Cache
jordihofc
1
310
トラブルシューティングから Linux カーネルに潜り込む
hiboma
7
1.4k
Vault Secrets Operator と Dynamic Secrets で安全にシークレットを使おう / Vault Secrets Operator and Dynamic Secrets
nnstt1
2
300
microCMSのエンジニア組織と文化
microcms
0
440
CloudWatchでバレる 「君、仕事中にyo〇tube観てたよね?」
kadogen_0527
0
270
ChatGPTとこころを整理してみる
nagauta
0
360
LLMの普及による機械学習の民主化とMLPdMの重要性 / democratization-of-ml-and-importance-of-mlpdm-by-llm
yuya4
2
2.2k
KEDAによるイベント駆動ジョブスケール / Event-driven job scale by KEDA
kohbis
2
150
株式会社オプティム_採用会社紹介資料 / optim-recruit
optim
0
9.5k
ローコードでできる! アクセシビリティテスト自動化入門!
odasho
0
100
Tech Dojo Introduction Of Monitoring
norimuraz
0
290
MagicPod開発における テスト自動化とCI
nozomiito
0
110

Featured

See All Featured
GraphQLとの向き合い方2022年版
quramy
23
11k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
9
780
A Tale of Four Properties
chriscoyier
149
21k
Build your cross-platform service in a week with App Engine
jlugia
222
17k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
351
21k
The Invisible Customer
myddelton
113
12k
WebSockets: Embracing the real-time Web
robhawkes
58
6.2k
StorybookのUI Testing Handbookを読んだ
zakiyama
9
3.5k
Raft: Consensus for Rubyists
vanstee
130
5.8k
Done Done
chrislema
178
15k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8.1k

Transcript

  1. VTHunting
    A Tiny Tool for Malware Hunting Collaboration
    Thomas ROCCIA
    Security Researcher, Advanced Threat Research
    @fr0gger_

    View Slide

  2. 2
    Botconf - Thomas Roccia – 2018
    What is VThunting?
    • VTHunting is a tiny tool coded in Python
    • Used to collect Malware Hunting Report from VirusTotal
    • Centralize reports notification in one place
    Disclaimer: You need a VirusTotal Intelligence API

    View Slide

  3. 3
    Botconf - Thomas Roccia – 2018
    What it can do?
    Vthunting.py
    CLI Report Slack Report Telegram
    Report
    Email Report
    Request VTI

    View Slide

  4. 4
    Botconf - Thomas Roccia – 2018
    How to use it?
    • Configuring with cron to generate
    daily, weekly or monthly report

    View Slide

  5. 5
    Botconf - Thomas Roccia – 2018
    Report Examples

    View Slide

  6. 6
    Botconf - Thomas Roccia – 2018
    Where to find it?
    https://github.com/fr0gger/vthunting

    View Slide

  7. 7
    Botconf - Thomas Roccia – 2018
    Happy Hunting!
    Thomas ROCCIA
    Security Researcher, McAfee Advanced Threat Research
    @fr0gger_
    https://github.com/fr0gger/vthunting

    View Slide