Profile

Brendan Dolan-Gavitt
Works at Georgia Institute of Technology
Attends Georgia Institute of Technology
Lived in Florence, Italy
192 followers|60,323 views

Stream

 
100 Days of Malware
It's now been a little over 100 days since I started running malware samples in PANDA and making the executions publicly available. In that time, we've analyzed 10,794 pieces of malware, which generated: 10,794 record/replay logs, representing 226,163,195...
3 comments
 
Can do.  There are still several months of writing ahead, so we can hope to revise the citation before it is turned in.

Brendan Dolan-Gavitt

Shared publicly  - 
 
Replaying Regin in PANDA
Regin, a piece of state-sponsored malware that may have been used to attack telecoms and cryptographers, has recently come to light. There are several good writeups out there, and I encourage you to check them out. Getting access to samples in cases like th...
 
Breaking Spotify DRM with PANDA
Disclaimer: Although I think DRM is both stupid and evil, I don't advocate pirating music. Therefore, this post will stop short of providing a turnkey solution for ripping Spotify music, but it will fully describe the theory behind the technique and its im...

Brendan Dolan-Gavitt

Shared publicly  - 
 
tl;dr: PANDA now supports detached replays (you don't need the underlying VM image to run a replay), and they can be shared at a new site called PANDA Share. Hooray for reproducibility! One of the most inspiring developments ...
 
I got excited. I thought this was about panda bears

Brendan Dolan-Gavitt

Shared publicly  - 
 
I have just created a prebuilt Virtualbox VM for testing PANDA. It's a current Debian 7.1 install with the latest (as of 10/4/2013) version of PANDA and prerequisites installed. The username and password for the VM are "panda...

Brendan Dolan-Gavitt

Shared publicly  - 
 
These guys always look like the happiest creatures on Earth.
 
Reproducible Malware Analyses for All
Summary: With help from GTISC, I have begun running 100 malware samples per day and posting the PANDA record & replay logs online at http://panda.gtisc.gatech.edu/malrec/. The goal is to lower the barriers to entry for doing dynamic malware research, and...

Brendan Dolan-Gavitt

Shared publicly  - 
 
PANDA VM Updated
By popular request, I've updated the PANDA VM to a more recent version of PANDA. Get it here: pandavm-20141005.tar.bz2 The version in the VM is based on Git revision 28787825aaf514da22e11650fdfca3ba82b9fc57. Enjoy!

Brendan Dolan-Gavitt

Shared publicly  - 
 
true, there is binary analysis using Hilbert Space filling curves too:  http://corte.si/%2Fposts/visualisation/binvis/index.html

Brendan Dolan-Gavitt

Shared publicly  - 
 
Bucky Fuller sure knew how to build a dome.

Brendan Dolan-Gavitt

Shared publicly  - 
 
I'm pleased to announce the initial release of a new open source dynamic analysis platform built on QEMU, named PANDA (Platform for Architecture-Neutral Dynamic Analysis). It has a number of features that combine to make it a...
2 comments
 
We should talk research.
People
In his circles
162 people
Have him in circles
192 people
Work
Employment
  • Georgia Institute of Technology
    Research Assistant, 2008 - present
  • Microsoft Research
    Summer Intern, 2011 - present
  • MIT Lincoln Laboratory
    Summer Intern, 2010 - 2010
  • MIT Lincoln Laboratory
    Summer Intern, 2009 - 2009
  • MITRE
    Infosec Engineer, 2006 - 2008
Places
Previously
Florence, Italy - Atlanta, GA, USA - Boston, MA, USA - Knoxville, TN, USA - St Louis, MO, USA - Seattle, WA, USA - Middletown, CT, USA
Story
Tagline
Hack the planet
Introduction
Congratulations! You've found the correct Brendan.
Education
  • Georgia Institute of Technology
    Computer Science, 2008 - present
  • Wesleyan University
    Math / Computer Science, 2002 - 2006
Basic Information
Gender
Male
Other names
moyix