namespaces
Differences
This shows you the differences between two versions of the page.
namespaces [2024-04-14 20:09] – 105.112.17.95 | namespaces [2024-05-15 10:24] (current) – [Referring Images] 217.70.164.142 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Malware Analysis Methodologies ====== | + | ===== Creating Namespaces |
+ | You don't need to create namespaces separately; simply create pages with colons in the [[pagename]]. | ||
+ | The token after the last colon will be the name of the page itself, while all other tokens are namespaces. | ||
+ | All namespaces used in your pagename that don't exist already will be created by DokuWiki automatically. | ||
+ | A namespace can be created in the media manager after having selected a file on the local computer and adding a '' | ||
- | ==== Introduction ==== | + | In DokuWiki, pages are created as in every other wiki. Simply create a link to a non existing page, follow this link, and click on Create this page. See also [[.: |
- | Malware analysis methodologies involve systematic approaches | + | ^ Examples: |
+ | | example\\ .example\\ .: | ||
+ | | : | ||
+ | | ..example\\ ..: | ||
+ | | wiki: | ||
+ | | ns1: | ||
+ | | .ns1: | ||
+ | | ..ns1: | ||
+ | | .ns1:ns2:\\ .: | ||
+ | | ~example\\ ~: | ||
- | 1. **Preparation**; | + | :!: Gotcha: The syntax |
- | - **Define Objectives**: We need to determine the goals of the analysis, such as identifying the malware' | + | |
- | - **Establish Environment**: We need to set up a controlled and isolated environment | + | |
- | 2. **Static Analysis**: | ||
- | - **File Identification**: | ||
- | - **File Metadata**: We then need to extract metadata such as file size, creation/ | ||
- | - **Hashing and Signature Matching**: We generate file hashes next and compare them against known malware signatures to determine if the file is already documented as malicious.\\ | ||
- | - **File Structure Analysis**: After that, we examine the structure of the file, including headers, sections, and embedded components, to understand its internal organization.\\ | ||
- | - **String Analysis**: We then extract and analyze strings within the file, including plaintext strings, encoded/ | ||
- | - **Code Disassembly/ | ||
- | 3. **Dynamic Analysis**: | + | Links are absolute if and only if they have a ":" prefix or have no prefix but do have intermediate |
- | - **Execution Environment Setup**: We have to execute the malware sample in a controlled environment while monitoring its behavior to capture runtime activities without affecting the host system. | + | |
- | - **Behavioral Monitoring**: Then we observe and record the malware' | + | |
- | - **Network Traffic Analysis**: We capture and analyze network traffic generated by the malware to identify communication protocols, command-and-control | + | |
- | - **Memory Analysis**: We need to analyze the malware' | + | |
- | - **Malware Interaction**: | + | |
- | 4. **Code Analysis**: | + | Links relative |
- | - **Reverse Engineering**: | + | |
- | - **Functionality Mapping**: We have to identify and map the malware' | + | |
- | - **Code Logic Reconstruction**: We will then reconstruct higher-level logic and operational flows from the disassembled/ | + | |
- | 5. **Reporting and Documentation**: | + | ===== Referring Images ===== |
- | - **Analysis Report**: We will compile a detailed report summarizing | + | Regarding referring of namespaces, images and other media files are handled like wiki pages. That means, the following refers to an image that belongs to the current namespace: |
- | - **Forensic Artifacts**: We then document | + | < |
- | | + | {{image.jpg}} |
+ | </ | ||
+ | |||
+ | |||
+ | |||
+ | ===== Deleting namespaces ===== | ||
+ | |||
+ | When all pages inside a namespace are removed (see [[page# | ||
+ | |||
+ | ===== How to rename namespaces? ===== | ||
+ | |||
+ | ==== Manual way ==== | ||
+ | |||
+ | In order to rename a namespace manually you will have to: | ||
+ | | ||
+ | * '' | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | For example, on a Unix host, you could: | ||
+ | * '' | ||
+ | | ||
+ | | ||
+ | | ||
+ | Note that the '' | ||
+ | |||
+ | * Correct (by editing them) all the links to the pages under the //moved// namespace (you can discover those before moving the namespace by reviewing each page's [[backlinks]]). | ||
+ | |||
+ | * Browse each and every page under the new namespace. This will create the missing indexing information and metadata | ||
+ | |||
+ | However, you will still have lots of junk left around. For example in '' | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | | ||
+ | | ||
+ | * '' | ||
+ | * Browse each and every page of your Wiki. | ||
+ | |||
+ | DISCLAIMER: I understand this is convoluted (and maybe I missed/ | ||
+ | |||
+ | ===== Namespace Default Linking ===== | ||
+ | |||
+ | It is possible | ||
+ | with a colon: '' | ||
+ | existence of certain named files. For '' | ||
+ | checked: | ||
+ | |||
+ | < | ||
+ | foo: | ||
+ | foo: | ||
+ | foo:bar | ||
+ | </ | ||
+ | |||
+ | The pages are checked in that order and whatever page is found first will be linked to. [[config: | ||
+ | |||
+ | See [[config: |
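Review bot: the "Manual way" procedure under "How to rename namespaces?" ends with a first-person "DISCLAIMER: I understand this is convoluted (and maybe I missed/..." line, which leaves readers unable to tell whether the listed steps are complete. Suggest verifying the steps and dropping the disclaimer, or stating at the top of the section that the procedure is unverified. The same section asks the reader to "Browse each and every page under the new namespace" and later to "Browse each and every page of your Wiki"; it should say whether both passes are needed. Minor: "non existing page" in the Creating Namespaces text should read "nonexistent page", and heading capitalisation is inconsistent ("Creating Namespaces" against "Deleting namespaces").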
namespaces.txt · Last modified: 2024-05-15 10:24 by 217.70.164.142