Reverse Engineering Malwares

About The Course

This course introduces the concept of malware, how it functions, its types, and how it is used extensively in Advanced Persistent Threat (APT) attacks to siphon off critical business information from an organization on a regular basis. We start with the concepts of Process Explorer and disassembling vs. debugging, including advanced debugging features. We also set breakpoints to crack open an application, dissecting it down to the level where the malware code is present.

A practice malware lab session is then set up, consisting of virtual machines and a sandbox environment. We use REMnux, honeypots and online analysis services to track the movement of the malware across the virtual network, and we perform malware analysis based on activity monitoring. We then delve into the techniques used for analysis of malware, such as process dumping, live analysis, analyzing anti-virus evasion and so on. Further, we take a look at advanced malware methodologies, which enable us to capture memory dumps, infect PDF and MS Office documents, and detect and analyze shellcode.

Table of Contents

Session 1: Introduction
Session 2: Reverse Engineering Executable
Session 3: Malware Analysis Lab Setup
  • Virtual Machines
  • Sandbox Concept
  • Working with REMnux
  • Honeypots
  • Online Analysis services
Session 4: Practical Malware Analysis
Session 5: Advanced Analysis

Feedback
Bhushan Jeevan Rane, Assistant Manager – SHCIL

Faculty has good trainers. Yes, the course met its objective.

Mukesh Lokre, Information Security Analyst – Travelex

Faculty has delivered the content clearly. He has a good subject knowledge.

Chinmay Dhawale, Information Security Analyst – Travelex

Very impressive, knowledgeable, technically sound & skilled trainers.

Shital Ranadive, Info Security Analyst – IDBI Intech Ltd

Faculty is good & has explained the topics very well.
