Collecting and Analyzing Windows Malware
tagged capture hpc, honewall, honeyc, malware, nepenthes, ollydbg, projects, reverse engineer, sniffer, windows and wireshark
I created this site to document the projects I work on. There are a couple of reasons why I go through the hassle of documentation. The main reason is so that I don't forget anything; the other, which is just gravy, is that maybe someone else will be able to follow along and not have to jump through all the hoops I did to learn the same thing. They can also use my documentation to reproduce the steps it took to reach the same end result and, hopefully, expand upon it. This is the first of many posts to come related to these projects.
My first project will document the steps needed to collect and reverse engineer Windows malware. I've never done this before, but I have experience with Honeywalls. I used them at the CarolinaCon 2005 Capture the Flag event. For the collection part of this project, I'm going to be using a Honeywall, Nepenthes, HoneyC, and possibly Capture-HPC. The host OS for the Honeywall and Capture will be Windows XP with no service packs installed.


