Usr6

[OST] Reverse Engineering Malware - 2 day course

Creator: Matt Briggs & Frank Poz

Lab Requirements:

- Virtual machine software (VMware is recommended).

- Windows system with IDA Pro (Free 5.0 is acceptable).

- Microsoft Visual Studio 2008 redistributable package.

As we store more of our confidential information on our computers, from bank account credentials to company secrets, the reward to risk ratio increases, as has the number of malware (malicious software) threats. While anti-virus and intrusion detection systems have improved over the years, nothing can substitute for a skilled malware analyst when a business needs to understand and mitigate a network intrusion.

This class picks up where the Introduction to Reverse Engineering of Software course left off, exploring how static reverse engineering techniques can be used to understand what a piece of malware does and how it can be removed.

Topics include:

- Understanding common malware features and behavior

- Defeating code armoring and obfuscation

- Signature creation and applying prior analysis

- Dynamic analysis tools and how they can aid static analysis

Contents:

Day 1 Part 1 Prerequisites

Day 1 Part 2 Analysis Goals

Day 1 Part 3 Triage, Tasks, and Tools

Day 1 Part 4 Malware Lab Setup

Day 1 Part 5 Analysis Methods

Day 1 Part 6 Execution and Persistence

Day 1 Part 7 Know Your Tools

Day 1 Part 8 Generic RE Algorithm

Day 1 Part 9 Data Encoding

Day 1 Part 10 Data Encoding - Common Algorithms - Caesar Cipher & XOR + variants

Day 1 Part 11 Data Encoding - Common Algorithms - Base64

Day 1 Part 12 Data Encoding - Common Algorithms - Crypto

Day 1 Part 13 Data Encoding - Common Algorithms - Compression

Day 1 Part 14 Data Encoding - Common Algorithms - String Obfuscation

Day 1 Part 15 Data Decoding

Day 1 Part 16 How a Debugger Works

Day 1 Part 17 Malware Unpacking

Day 1 Part 18 Day 1 Review

Day 2 Part 1 Network Communications - Introduction & Finding the Code

Day 2 Part 2 Network Communications - Command & Control, Indicators

Day 2 Part 3 DLL Analysis

Day 2 Part 4 Anti-Analysis

Day 2 Part 5 Anti-Analysis Examples

Day 2 Part 6 How CreateFile() Works

Day 2 Part 7 Shellcode Analysis

Materials (lecture, malware sample, scripts): ReverseEngineeringMalware

Video:

Course provided by: opensecuritytraining.info
