* Cantinho Satkeys

Refresh History
  • FELISCUNHA: Votosde um santo domingo para todo o auditório  4tj97u<z
    24 de Novembro de 2024, 11:06
  • j.s.: bom fim de semana  49E09B4F
    23 de Novembro de 2024, 21:01
  • j.s.: try65hytr a todos
    23 de Novembro de 2024, 21:01
  • FELISCUNHA: dgtgtr   49E09B4F  e bom fim de semana
    23 de Novembro de 2024, 12:27
  • JPratas: try65hytr A Todos  101yd91 k7y8j0
    22 de Novembro de 2024, 02:46
  • j.s.: try65hytr a todos  4tj97u<z 4tj97u<z
    21 de Novembro de 2024, 18:43
  • FELISCUNHA: dgtgtr  pessoal   49E09B4F
    20 de Novembro de 2024, 12:26
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    19 de Novembro de 2024, 02:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    16 de Novembro de 2024, 11:11
  • j.s.: bom fim de semana  49E09B4F
    15 de Novembro de 2024, 17:29
  • j.s.: try65hytr a todos  4tj97u<z
    15 de Novembro de 2024, 17:29
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    15 de Novembro de 2024, 10:07
  • JPratas: try65hytr A Todos  4tj97u<z classic k7y8j0
    15 de Novembro de 2024, 03:53
  • FELISCUNHA: dgtgtr   49E09B4F
    12 de Novembro de 2024, 12:25
  • JPratas: try65hytr Pessoal  classic k7y8j0 yu7gh8
    12 de Novembro de 2024, 01:59
  • j.s.: try65hytr a todos  4tj97u<z
    11 de Novembro de 2024, 19:31
  • cereal killa: try65hytr pessoal  2dgh8i
    11 de Novembro de 2024, 18:16
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    09 de Novembro de 2024, 11:43
  • JPratas: try65hytr Pessoal  classic k7y8j0
    08 de Novembro de 2024, 01:42
  • j.s.: try65hytr a todos  49E09B4F
    07 de Novembro de 2024, 18:10

Autor Tópico: Reverse Engineering & Malware Analysis - Intermediate Level  (Lida 198 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 117576
  • Karma: +0/-0

MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English + srt | Duration: 39 lectures (5h 31m) | Size: 3.44 GB
An Intermediate Level Course on Reverse Engineering and Analyzing Malware

What you'll learn:
Types of Malware and Terminologies
Static Analysis
Dynamic Analysis
Assembly Language Refresher and Malicious APIs
API Hooking, Process Hijacking, Dumping Memory
Identifying Standard and Custom Packers
Unpacking Packed Malware
Enumerating Breakpoints and Memory Tracing
Hooking VirtualProtect, VirtualAlloc, GetProcAddress, CreateProcessInternalW and other common API's
Using Scylla Plugin to Dump Memory, Fixing IAT Tables
Using Delphi Interactive Reconstructor
Dumping Memory from Memory Viewer, Process Hacker and Memory Maps
API Enumeration Count Trick To Know When to Dump
Self-Injection and Remote Thread Injection
Fixing Section Alignments, Unmapping and Re-Basing Dumped Files
and more...

Requirements
Windows PC with Virtual Machine and Flare-VM Installed
Some basics in malware analysis or software reverse engineering.

Description
If you already have some basic reverse engineering and malware analysis knowledge and wish to go further, then this course is for you. I will take you from basic to intermediate level in reverse engineering and analyzing malware. You will learn using plenty of practical walk-throughs. The focus of this course will be on how to unpack malware. Most modern malware are packed in order to defeat analysis. Hence, this Intermediate Level Course provides the required knowledge and skills to unpack malware. All the needed tools will be introduced and explained. By the end of this course, you will have the intermediate level skill in malware analysis under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, still the knowledge and skills gained in reverse engineering and analysis would be beneficial to you to reverse software as well.

Everything is highly practical. No boring theory or lectures. More like walk-throughs which you can replicate and follow along. We will focus on API Hooking and Memory Analysis and Tracing to determine where and when to dump memory after a malware has unpacked its payload into memory. In this course, we will be using Oracle Virtual Machine installed with Flare-VM. Take note that all software used in this course are free.

Topics include:

Types of Malware and Terminologies

Dynamic and Static Analysis

Assembly Language Refresher and Malicious APIs

API Hooking, Process Hijacking, Dumping Memory

Fixing Section Alignments, Un-mapping and Re-Basing Dumped Files

Enumerating Breakpoints and Memory Tracing

Hooking VirtualProtect, VirtualAlloc, GetProcAddress, CreateProcessInternalW and other common API's

Using Scylla Plugin to Dump Memory

Using Delphi Interactive Reconstructor

Dumping Memory from Memory Viewer, Process Hacker and Memory Maps

API Enumeration Count Trick To Know When to Dump

Self-Injection and Remote Thread Injection

and more...

This course is suitable for:

Students who has already done a basic level malware analysis course

Hackers looking for additional tools and techniques to reverse software

Reverse Engineers who want to venture into malware analysis

The prerequisites:

Some basics in malware analysis or software reverse engineering.

Windows PC with Virtual Machine and Flare-VM Installed.

Note:

If you do not have the basics of malware analysis, it is recommended to take my earlier course first, which is entitled:

Reverse Engineering & Malware Analysis Fundamentals

Go ahead and enroll now. I will see you inside!

Who this course is for
Students who has already done a basic level malware analysis or reverse engineering course
Hackers looking for additional tools and techniques to reverse software
Reverse Engineers who want to venture into malware analysis


Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction