.NET Framework Rootkits

[Erez Metula <erezmetula () 2bsecure co il>]

Hello,
Attached are the presentation + whitepaper I'm going to talk about at BlackHat conference next week in Amsterdam, 
titled ".NET Framework Rootkits - Backdoors inside Your Framework".

The main threats of Framework level rootkits are

 *   Hidden malware
 *   Applications behavioral changes
 *   Insider threats (such as developer backdoors)

Although the focus is on the .NET Framework, it is a general concept that is relevant to other platforms such as Java, 
PHP,Flash, Dlavik (Google Android) and more.

For more information, such as the ".NET-Sploit" tool used to demonstrate those attacks please visit
http://www.applicationsecurity.co.il/.NET-Framework-Rootkits.aspx

More info on the following Blackhat conference can be found here: 
https://www.blackhat.com/html/bh-europe-09/bh-eu-09-schedule.html

Regards,
Erez.

________________________________
[cid:image001.jpg@01C9B701.845F53E0]
Erez Metula, CISSP
Application Security Department Manager
Security Training Academic Director
Security Software Engineer
E-Mail:  erezmetula () 2bsecure co il<mailto:erezmetula () 2bsecure co il>      Mobile:  972-54-2108830      Office: 
972-3-6492007

"Attackers often read through the documentation one page beyond where the developers stopped reading"

Attachment: .NET Framework rootkits - backdoors inside your framework - revised.pdf
Description: .NET Framework rootkits - backdoors inside your framework - revised.pdf

Attachment: .NET Framework Rootkits - Backdoors Inside Your Framework (Erez Metula).ppt
Description: .NET Framework Rootkits - Backdoors Inside Your Framework (Erez Metula).ppt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/