Didier Stevens

Screencasts & Videos

This is a compilation of all my posts with screencasts and videos. My YouTube account is dist67.

Malicious PDF Analysis Workshop Screencasts

Metasploit MS06-040 Demo
I needed to convince someone that patching Windows is necessary. That’s why I made him a short video clip where I use Metasploit 2.6 to exploit vulnerability MS06-040…
YouTube and XviD HiRes

Playing with utilman.exe, The Motion Picture
Whenever you press the magic key sequence (Windows Logo key & U key), a command shell will open on the Winlogon desktop…
YouTube

A Windows Live CD plugin for my UserAssist utility
I’ve published a BartPE plugin for my UserAssist utility…
YouTube and XviD HiRes

PiXiE dust
I use PXE (network boot) to hack into a machine…
YouTube and XviD HiRes

Google and the Drive-by Download
I’ve encountered an interesting Drive-by Download and made a movie of a Windows XP SP2 machine getting infected…
YouTube and XviD HiRes

USBVirusScan
USBVirusScan will launch any program you provide as a command line parameter each time a USB stick is inserted. I use it to start a full virus scan on the inserted USB drive, hence the name…
YouTube and XviD HiRes

OllyStepNSearch
This OllyDbg plugin allows you to search for a given text when automatically stepping through the debugged program…
YouTube and XviD HiRes

Another postcard…
There was another virus run today, it inspired me to make a Season’s Greetings video…
YouTube and XviD HiRes

A running light with a PIN
We all know the problem, you’ve set-up a running light as Christmas decoration, and then a kid starts changing the patterns you’ve programmed…
YouTube and XviD HiRes

P0wned by a QT movie
Here’s an interesting infection vector, used by a new malware: it’s a QuickTime movie…
YouTube and XviD HiRes

“Is your PC virus-free? Get it infected here!”
A bit of fun with Google Ads…
YouTube and XviD HiRes

RSR
This is an example of Really Simple Reversing of a piece of malware. It’s written in the AutoIt scripting language and compiled to an EXE.
YouTube and XviD HiRes

F-Secure Reverse Engineering Challenge 2007
Be ready to compete in the F-Secure Reverse Engineering Challenge (http://www.khallenge.com) this Friday.
YouTube and XviD HiRes

A000n0000 0000O000l00d00 0I000E000 00T0r0000i0000c000k
An old obscured HTML trick.
YouTube and XviD HiRes

Pocket EICAR Test File Server
Like last year, I produced an anti-virus related Season’s Greetings movie.
YouTube and XviD HiRes

6 Comments »

  1. i liked ur videos Man :D

    keep more..

    Comment by Raaka — Monday 17 December 2007 @ 14:18

  2. [...] produce a screencast for each exercise (there are 20 exercises). You can find the first screencasts here. More will be produced [...]

    Pingback by Malicious PDF Analysis Workshop Screencasts « Didier Stevens — Wednesday 25 May 2011 @ 15:59

  3. Great job. Especially the Malicious PDF Analysis Workshop Screencasts are really amazing!

    Comment by Yoomi — Monday 30 May 2011 @ 23:27

  4. Hi Didier,
    i really like your “Malicious PDF Analysis Workshop Screencasts”, they are awesome, if you can upload the rest of the screencasts it will be really useful,

    Thanks,
    Monnappa

    Comment by Monnappa — Thursday 23 June 2011 @ 17:28

  5. @Monnappa I’ve uploaded all the screencasts I’ve produced. You’ll have to be patient while I produce the remaining ones.

    Comment by Didier Stevens — Thursday 23 June 2011 @ 18:01

  6. [...] mark the occasion of my Malicious PDF Analysis workshop at Black Hat Europe 2012, I’m releasing version 0.0.12 of PDFiD and version 0.3.9 of [...]

    Pingback by Update: PDFid And pdf-parser « Didier Stevens — Wednesday 14 March 2012 @ 9:15


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 225 other followers

%d bloggers like this: