Learn advanced analysis techniques from real-world malware and harness this knowledge to craft your own malware, understanding attacker strategies. Empower yourself with both defensive and offensive cybersecurity skills in this immersive course.
Overview
Syllabus
- Introduction
- Introduction
- Malware Analysis And DevelopmentLabs.pdf
- Malware Analysis And Development.pdf
- Labs.zip 43.1 KB
- Demos.zip 54.5 KB
- Malware Samples.zip 52 MB
- Windows Internals Overview
- Processes • 10 mins
- Task Manager • 25 mins
- Process Explorer • 24 mins
- Virtual Memory • 31 mins
- Threads • 22 mins • 119 MB
- System Architecture • 21 mins • 52.8 MB
- APIs • 24 mins • 80.4 MB
- Objects and Handles • 40 mins • 267 MB
- Labs Intro • 4 mins • 18.7 MB
- Windows Application Development Fundamentals
- Application Development Fundamentals • 1h 4m 54s • 263 MB
- Working with Strings • 22 mins • 70.4 MB
- System Information • 4 mins • 12.9 MB
- Working with Handles
- Sharing Objects by Name • 28 mins • 190 MB
- Duplicating Handles • 16 mins • 99.3 MB
- Object Names and Sessions • 2 mins • 9.96 MB
- Sessions • 18 mins • 60.3 MB
- Private Object Namespace • 6 mins • 23.3 MB
- Processes, Memory and Threads
- Process Creation • 22 mins • 53.2 MB
- The CreateProcess API • 27 mins • 140 MB
- Process Termination • 10 mins • 43 MB
- Labs Solution Walkthrough • 17 mins • 62.1 MB
- DllMain • 5 mins
- Process and Thread Attributes • 26 mins • 89.7 MB
- Process Enumeration • 44 mins • 247 MB
- PEB and Other Details • 34 mins • 123 MB
- Process Memory • 7 mins • 29.4 MB
- Reserving and Committing Memory • 34 mins • 128 MB
- Heaps • 26 mins • 90.7 MB
- Threads Basics • 19 mins • 53.5 MB
- Creating Threads • 16 mins • 54.9 MB
- Odds and Ends • 6 mins • 14 MB
- Dynamic Link Libraries
- Building DLLs • 35 mins • 121 MB
- Consuming DLLs • 20 mins • 71.7 MB
- Reducing Dependencies • 8 mins • 28.8 MB
- DLL Injection with a Remote Thread • 43 mins • 177 MB
- DLL Injection with an APC • 30 mins • 137 MB
- Odds and Ends • 12 mins • 33.1 MB
- x86/x64 Fundamentals
- Operating Modes • 7 mins • 14 MB
- Assembling with Visual Studio • 5 mins • 20.7 MB
- x86/x64 Basics • 31 mins • 84.3 MB
- Operands and Address Modes • 16 mins • 67.9 MB
- Fundamental Instructions • 11 mins • 36.6 MB
- Calling External Functions • 11 mins • 36.8 MB
- Calling Conventions • 17 mins • 50.7 MB
- Bitwise Operations • 5 mins • 14 MB
- Branch Instructions • 10 mins • 27.4 MB
- The Stack • 19 mins • 58.2 MB
- Shellcode • 29 mins • 122 MB
- Injecting Shellcode • 20 mins • 106 MB
- Odds and Ends • 7 mins • 27.7 MB
- .NET Fundamentals
- .NET Fundamentals • 43 mins • 137 MB
- COM Fundamentals
- COM Basics • 32 mins • 98.8 MB
- COM Concepts, Clients and Servers • 18 mins • 51.1 MB
- Creating and Using a COM Object • 1h 22m 38s • 346 MB
- Smart Pointers • 16 mins • 78.9 MB
- OLE/COM Object Viewer • 24 mins • 116 MB
- COM Activation in Detail • 60 mins • 227 MB
- The Native API
- Native API Basics • 15 mins • 45.4 MB
- Object Manager and Native APIs • 44 mins • 204 MB
- Registry APIs • 7 mins • 32.9 MB
- Enumerating Processes and Handles • 11 mins • 69.7 MB
- Introduction to Malware Analysis and Lab Setup
- The Importance of Understanding and Dissecting TTPs • 11 mins • 37.1 MB
- Introduction to Malware Analysis • 6 mins • 26.1 MB
- Understanding AV-EDR Vendor Detection Names • 7 mins • 25.9 MB
- Installing Flare-VM • 3 mins • 10.9 MB
- PE 101 - Part 1 • 17 mins • 86.8 MB
- PE 101 - Part 2 • 7 mins • 30.2 MB
- Strings • 6 mins • 16.2 MB
- Packing Detection - Part 1 • 10 mins • 30.8 MB
- Packing Detection - Part 2 • 28 mins • 110 MB
- Packing Detection - Part 3 • 4 mins • 13.4 MB
- Detecting Malicious Functionality • 11 mins • 37.2 MB
- Reverse Engineering .NET, VBA and Shellcode Malware
- Introduction to the SolarWinds Sunburst Attack • 13 mins • 40 MB
- Sunburst Backdoor Initial Analysis • 8 mins • 40.8 MB
- Sunburst Backdoor Backtracking (Function Call Tree Analysis) • 11 mins • 52.2 MB
- Sunburst Backdoor Reverse Engineering - Part 1 • 22 mins • 105 MB
- Sunburst Backdoor Reverse Engineering - Part 2 • 22 mins • 95.2 MB
- Sunburst Backdoor Reverse Engineering - Part 3 • 9 mins • 26.5 MB
- Sunburst Backdoor Reverse Engineering - Part 4 • 16 mins • 91.3 MB
- Sunburst Backdoor Reverse Engineering - Part 5 • 26 mins • 153 MB
- VBA Macro Shellcode Analysis - Part 1 • 9 mins • 34.2 MB
- VBA Macro Shellcode Analysis - Part 2 • 16 mins • 78.5 MB
- VBA Macro Shellcode Analysis - Part 3 • 27 mins • 123 MB
- Reverse Engineering C/C++ Malware
- DarkSide Ransomware Initial Analysis • 20 mins • 67.5 MB
- Runtime Code Unpacking - Part 1 • 28 mins • 95.7 MB
- Runtime Code Unpacking - Part 2 • 27 mins • 111 MB
- Runtime Code Unpacking - Part 3 • 18 mins • 75.1 MB
- Dynamic API Resolve • 24 mins • 105 MB
- Rebuilding the IAT (Import Address Table) • 8 mins • 45.6 MB
- DarkSide Ransomware TTPs Dissection - Part 1 • 23 mins • 118 MB
- DarkSide Ransomware TTPs Dissection - Part 2 • 40 mins • 205 MB
- Malware Development
- Minimal Executables • 16 mins • 52.8 MB
- DarkSide Malware Techniques • 58 mins • 252 MB
- Simple Memory Sharing • 10 mins • 33.8 MB
- Memory Mapped Files • 18 mins • 77.8 MB
- Payload in Resources • 19 mins • 89.8 MB
- More Techniques • 23 mins • 61.5 MB
- Bonus Content
- One Electron to Rule Them All • 5 mins • 31.9 MB
Taught by
Uriel Kosayev and Pavel Yosifovich