Malware & Threat Research

EBRYX
Gives You A Competitive Edge

We work behind the scenes with our clients to bring groundbreaking cybersecurity solutions to the market. Our cybersecurity research, development, and testing services power leading Silicon Valley-based cybersecurity tech companies as well as exciting new startups. Our experience spans multiple subdomains within cybersecurity, including endpoint, network, web, mobile, cloud, and IoT security. 

Powering World Class Cybersecurity Products

Malware Analysis And Research

Our malware analysis and research team has been working in the following domains:

  • Zero Day attack detection and analysis 
  • Malware reverse engineering
       – Static
       – Dynamic
  • Honeypot development for malware and drive-by download attacks
  • Sandbox evasion testing using:
       – Cuckoo Sandbox
       – Cameo Sandbox
  • Test malware writing for agent-based detection engines

Threat Intelligence And Detection

Our team has extensive experience in producing localized and global threat intelligence and in detecting malicious campaigns:

  • Next-generation machine learning and AI-based intelligent algorithms power our cutting-edge threat intelligence and detection capabilities.
  • Localized Threat Intelligence enables us to identify targeted threats and campaigns, like APTs and phishing campaigns, against a specific organization.
  • Global Threat Intelligence has detected malicious attacks with global footprints:
       – Phishing campaign targeting millions of users globally to harvest their user credentials, personal and credit card information
       – Digital coin mining campaign; attackers infected systems worldwide to use victims' hardware to mine digital coins

Malicious Domain Detection

Detection of newly registered malicious domains using lightweight static analysis and emulation techniques

  • Crawling and scanning of newly registered domains for malicious footprints
  • Analysis of available information regarding the domains using a variety of sources and website content 
  • Running heuristics on the information specific to the domain
  • Correlating all the information gathered and synthesized to reach a final verdict on whether a domain is malicious

Domain Detection Technologies

Several modules of the detection engine were built in-house using an open source stack. These modules include:

  • Domain Crawlers and scanners
  • Heuristic Engine
  • Web Content Emulators: JavaScript, Flash, HTML 5
  • Correlation Engine

Third-party tools and technologies used:

  • Multi-AV
  • Intrusion detection and prevention systems
 

Phishing Domain Technologies

System designed to detect phishing domains and URLs using smart heuristics and similarity algorithms

Content-based Detection

  • HTML, forms and images are compared with phishing datasets; in case of a match, the URL or domain is identified as phishing

Domain and Network-based Detection

  • Similarity analysis of the content of a target URL against websites on the Alexa domain list. In case of high similarity in content, the URL is declared malicious
  • Detection results have a very high accuracy

Automated Web-shell Detection

Automated process for detection of web shells on web servers

  • Web shells are server-side scripts uploaded to vulnerable servers by threat actors to create backdoors.
  • Backdoors are used by threat actors to download/upload files, execute commands and access backend databases. These are very difficult to detect.
  • Detection process:
       – Collection of web shells from various servers
       – Feature extraction from web shells
       – Listing features using heuristics
       – Detection of web shell presence on compromised servers on the web
  • Multiple server technologies covered by the service

The Ebryx Advantage

Our cybersecurity R&D and engineering teams power some of the world’s leading cybersecurity products. 

Cutting-edge

Comprehensive

Reliable
