
[TCM-SECURITY] LEARN PRACTICAL MALWARE ANALYSIS & TRIAGE

Legion

Safety Always! Build good habits for handling malware safely and create an analysis lab.
Safe Malware Sourcing. Learn where to source malware samples safely (no need for the dark web!).
Basic Analysis. Learn basic analysis methodology, including interpreting strings, inspecting Windows API calls, identifying packed malware, and discovering host-based signatures. Then, detonate malware to collect network signatures and identify malicious domains and second-stage payloads!
Intro to the x86 Assembly Language. Dip your toes into the low-level world of Assembly Language! Learn the foundations of x86 Assembly and use it to perform advanced analysis.
Advanced Analysis. Use sophisticated tools like Cutter and x32dbg to discover key insights about malware samples at the lowest possible level. Control the execution flow of a program and manipulate its low-level instructions in a debugger.
Patch It Out: Binary Patching & Anti-analysis. Learn the crafty practice of patching binaries at the ASM level to alter the flow of their programs. Then, learn to identify and defeat anti-analysis techniques.
Gone Phishing. Learn to analyze malicious documents and document-delivered malware, including malicious macros and remote template injections.
What the Shell? Learn to identify and carve out embedded shellcode.
Off Script. Identify scripted, obfuscated malware delivery techniques that use PowerShell and Visual Basic Script.
Stay Sharp. Decompile and reverse engineer C# assemblies and learn about reverse engineering the .NET Framework! Then, reverse engineer an encrypted malware C2 dropper back to near-perfect original source code with dnSpy!
Go Time. Learn the analysis considerations of malware written in Go.
Get Mobile! Use MobSF to reverse engineer malicious Android applications.
The Bossfight! Use everything you have learned to do a full analysis of one of the most infamous malware samples in history.
Automating the Process. Use Jupyter Notebooks and malware sandboxes to automate the analysis process.
Tell the World! Write YARA rules to aid in the detection of malware samples and learn how to write effective analysis reports to publish findings.

Course Final. Apply everything you’ve learned to display your mastery of the art and science of malware analysis!




1uci1er

1. Identify the target social media account

The first step in conducting OSINT on social media accounts is to identify the target account. This can be done by using search engines or social media platforms’ internal search features. Start with basic information such as the person’s name, username, email address, or phone number to find the social media accounts they use. This will help you gather all the relevant information about the person or entity you are researching.

2. Understand the Platform

Each social media platform has its unique features and limitations. For example, Twitter has a character limit for tweets, whereas Instagram is a photo-sharing platform. Knowing the limitations and features of each platform will help you to identify what kind of information can be gathered.

3. Collect Basic Information

Once you have identified the social media accounts, you need to gather the basic information, such as the person’s full name, location, and employment details. You can also search for any other publicly available information such as their contact details or personal website.
 