Reference Guide to Reverse Engineering & Malware Analysis Training
Reference Guide - Malware Analysis Training Series
Here is the complete reference guide to all sessions of our Reverse Engineering/Malware Analysis & Advanced Malware Analysis Training program.

Adv Malware Analysis Training Session 6 - Sandbox Analysis
  1. CWSandbox :: Behavior-based Malware Analysis System
  2. Cuckoo Sandbox - Open source automated malware analysis
  3. Capture BAT - Malware behavioral analysis tool
  4. INetSim - Software for Network Behaviour Analysis of Malware
  5. Anubis: Online Malware Analysis Service
Adv Malware Analysis Training Session 5 - Reversing Automation
  1. IDAPython in a Nutshell
  2. API Call Tracing - PEfile, PyDbg and IDAPython
  3. pefile - Python module for PE (Portable Executable) Files
  4. Book: Grey Hat Python
  5. Malpimp - Advanced API Tracing Tool
Adv Malware Analysis Training Session 4 - Anti-Analysis Techniques
  1. The Ultimate Anti-Debugging Reference
  2. Anti-Debugging - A Developer's View
  3. Anti-Debugging with Exceptions
  4. AntiRE – An executable collection of Anti-Reversing Techniques
Adv Malware Analysis Training Session 3 - Botnet Analysis Part II
  1. Dynamic Taint Analysis and forward Symbolic Execution
  2. Taint Checking - Introduction
  3. Dytan: A Generic Dynamic Taint Analysis Framework
  4. Valgrind - Framework for building dynamic analysis tools
  5. Taint Analysis for Automatic Malware Detection
  6. TTAnalyze: A Tool for Analyzing Malware
  7. JACKSTRAWS: Picking C & C Connections from Bot Traffic
  8. BackTracking Intrusion
Adv Malware Analysis Training Session 2 - Botnet Analysis Part I
  1. About Botnet - History, Attacks & Countermeasures
  2. Windows Asynchronous Procedure Calls
  3. About Waledac Botnet - http://en.wikipedia.org/wiki/Waledac_botnet
  4. Demo Video - Waledac Botnet Analysis - https://vimeo.com/57755964
Adv Malware Analysis Training Session 1 - Detection & Removal of Malware
  1. GMER - Anti-rootkit Tool http://www.gmer.net/
  2. SpyDLLRemover - Tool to Remove Malicious DLLs from Process http://bit.ly/csujQX
  3. SpyBHORemover - Tool to Remove Malicious BHOs from Process http://bit.ly/1zGRN
  4. VirusTotal Scanner - Desktop Tool for Quick Anti-virus Scan http://bit.ly/Lir4Qz
  5. TCPView - http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx
  6. AutoRuns - Manage Startup Entries http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
  7. Demo Video 1 - http://youtu.be/cV4Uln6BGUQ
  8. Demo Video 2 - http://youtu.be/2NORHci6tbw
  9. Demo Video 3 - http://youtu.be/sMtcaXNstw0
  10. Demo Video 4 - http://youtu.be/S-awFK4pNpM
Reversing/Malware Analysis Training Part 1 - Lab Setup Guide
  1. Virtualization:
    1. VmWare - http://www.vmware.com/
    2. VirtualBox - https://www.virtualbox.org/
  2. Tools Development:
    1. Compilers/IDE:
      1. Dev C++ - http://www.bloodshed.net/devcpp.html
      2. Microsoft Visual C++ - http://www.microsoft.com/visualstudio/en-us/products/2010-editions/visual-cpp-express
    2. Assemblers:
      1. MASM - http://www.masm32.com/
      2. NASM - http://www.nasm.us/
      3. WinAsm (IDE) - http://www.winasm.net/
    3. Languages:
      1. Python - http://python.org/
  3. Tools Reverse Engineering:
    1. Disassembler:
      1. IDA (5.0) - http://www.hex-rays.com/products/ida/support/download.shtml
      2. IDAPython - http://code.google.com/p/idapython/
    2. Debuggers:
      1. OllyDbg - http://www.ollydbg.de/
      2. Immunity Debugger - http://immunityinc.com/products-immdbg.shtml
      3. Windbg - http://msdn.microsoft.com/en-us/windows/hardware/gg463009
      4. Pydbg - http://code.google.com/p/paimei/
    3. PE file Format:
      1. PEView - http://www.magma.ca/~wjr/
      2. PEBrowse - http://www.smidgeonsoft.prohosting.com/pebrowse-pro-file-viewer.html
      3. LordPE - http://www.woodmann.com/collaborative/tools/index.php/LordPE
      4. ImpRec - http://www.woodmann.com/collaborative/tools/index.php/ImpREC
      5. PEiD - http://www.peid.info/
      6. ExeScan - http://securityxploded.com/exe-scan.php
    4. Process:
      1. ProcMon - http://technet.microsoft.com/en-us/sysinternals/bb896645
      2. Process Explorer - http://technet.microsoft.com/en-us/sysinternals/bb896653
    5. Network:
      1. WireShark - http://www.wireshark.org/
      2. TcpView - http://technet.microsoft.com/en-us/sysinternals/bb897437
    6. File and Registry:
      1. Regshot: http://sourceforge.net/projects/regshot/
      2. Capturebat - http://www.honeynet.org/node/315
      3. InstallWatch Pro - http://www.brothersoft.com/downloads/installwatch-pro-2.5c.html
      4. FileMon - http://technet.microsoft.com/en-us/sysinternals/bb896642
    7. Misc:
      1. CFFexplorer - http://www.ntcore.com/exsuite.php
      2. Notepad++ - http://notepad-plus-plus.org/
      3. Dependency walker - http://www.dependencywalker.com/
      4. Sysinternal Tools - http://technet.microsoft.com/en-us/sysinternals/bb842062
Reversing/Malware Analysis Training Part 2 - Introduction to Windows Internals
  1. Book: Windows Internals 5th Edition - Chapter 1, 2, 3, 5, 9
  2. Windows Architecture - http://technet.microsoft.com/en-us/library/cc768129.aspx
  3. Book: RootKit Arsenal - Part 1 - Windows System Architecture
  4. System Service Dispatching - http://www.codeproject.com/KB/system/hide-driver/NtCallScheme_small.png
Reversing/Malware Analysis Training Part 3 - Windows PE File Format Basics
  1. Portable Executable File Format - A Reverse Engineer View - Goppit - http://ivanlef0u.fr/repo/windoz/pe/CBM_1_2_2006_Goppit_PE_Format_Reverse_Engineer_View.pdf
  2. An In-Depth Look into the Win32 Portable Executable File Format by Matt Pietrek http://msdn.microsoft.com/en-us/magazine/cc301805.aspx
  3. Lena 151 tutorials - http://tuts4you.com/download.php?list.17
  4. Iczelion's PE tutorials - http://win32assembly.programminghorizon.com/tutorials.html
Reversing/Malware Analysis Training Part 4 - Assembly Programming Basics
  1. Assembly Programming: A Beginners Guide - http://securityxploded.com/assembly-programming-beginners-guide.php
  2. Iczelion's Win32 Assembly Programming Tutorials - http://win32assembly.programminghorizon.com/tutorials.html
  3. Function Calling Convention Demystified - http://www.codeproject.com/KB/cpp/calling_conventions_demystified.aspx
  4. Intel Manual - Volume 2 (Instruction Set), Volume 3 (System Programming, 3A) - http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-manual-325462.pdf
Reversing/Malware Analysis Training Part 5 - Reverse Engineering Tools Basics
  1. Video - Intro to OllyDbg and its Settings - http://www.youtube.com/watch?v=UqnQCVvYk3A
  2. Video - Intro to IDA Pro Disassembler - http://www.youtube.com/watch?v=zvWc-XsBKrA
  3. Automation of Reversing Through Scripting - http://securityxploded.com/automation-reversing-scripting.php
Reversing/Malware Analysis Training Part 6 - Practical Reversing (I)
  1. Video Demonstration - Reversing Sample Crackme using IDA Pro http://www.youtube.com/watch?v=6r5Q7YYnUSc
  2. Creating KEYGEN for Crackme Code http://securityxploded.com/creating-keygen-for-crackme.php
  3. Lena 151 tutorials - part 1 to part 10 - http://tuts4you.com/download.php?list.17
  4. Book: 'The IDA Pro Book' - Unofficial Guide to IDA Pro http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898
  5. Book: Practical Malware Analysis - chapter 1-7 http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
  6. Book: Reversing - Secrets of Reverse Engineering - chapter 1,2,3,4,5,8 http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817
Reversing/Malware Analysis Training Part 7 - Practical Reversing II: Unpacking UPX
  1. Video Demonstration - Unpacking UPX using OllyDbg & ImpREC http://vimeo.com/42197903
  2. Manual Unpacking of UPX using OllyDbg http://securityxploded.com/unpackingupx.php
  3. UPX: Ultimate Packer for Executables http://upx.sourceforge.net/
  4. ImpREC: Import Table Reconstruction Tool http://securityxploded.net/download/Imprec.zip
  5. Best Unpacking Tutorials by ARTeam http://www.accessroot.com/
Reversing/Malware Analysis Training Part 8 - Practical Reversing III: Malware Memory Forensics
  1. Demo Video - http://www.youtube.com/watch?v=YcVusDjnBxw
  2. Malware Memory Forensics Article http://securityxploded.com/malware-memory-forensics.php
  3. Volatility - An advanced memory forensics framework http://code.google.com/p/volatility/
  4. Volatility - Volatile memory analysis research http://volatility.tumblr.com/
  5. MoonSols Windows Memory Toolkit http://www.moonsols.com/windows-memory-toolkit/
Reversing/Malware Analysis Training Part 9 - Practical Reversing IV: Advanced Malware Analysis
  1. Demo Video 1 - http://youtu.be/592uIELKUX8
  2. Demo Video 2 - http://youtu.be/3bxzvrGf5w8
  3. Volatility - An advanced memory forensics framework http://code.google.com/p/volatility/
  4. Volatility - Volatile memory analysis research http://volatility.tumblr.com/
  5. The Honeynet Project - http://www.honeynet.org/node/315
  6. Malware Analysis Tools & Training - http://zeltser.com/reverse-malware/
Reversing/Malware Analysis Training Part 10 - Practical Reversing V: Exploit Development Basics
  1. Demo Video 1 [EIP Overwrite]- http://www.youtube.com/watch?v=erl_Aee8oDg
  2. Demo Video 2 [SEH Exploitation]- http://www.youtube.com/watch?v=njQ47H7jO4s
  3. Remote Buffer Overflow Exploits - http://securityxploded.com/remote-buffer-overflow-exploits.php
  4. Exploit writing tutorials https://www.corelan.be/index.php/articles/
Reversing/Malware Analysis Training Part 11 - Practical Reversing VI: Exploit Development Advanced
  1. Demo Video 1 [DEP Bypass] - http://vimeo.com/49069964
  2. Demo Video 2 [HeapSpray] - http://vimeo.com/49070337
  3. Past, present and future of Windows Exploits: http://bit.ly/vr1IEw
  4. Exploit writing tutorials: https://www.corelan.be/index.php/articles/
  5. Preventing the exploitation of SEH overwrite: http://bit.ly/OM6olZ
  6. Stack Protections Bypass: http://bit.ly/agDaMx
Reversing/Malware Analysis Training Part 12 - Case Study: Rootkit Analysis
  1. Demo Video 1: Mader - SSDT Hooking - http://youtu.be/5cLd2HukfbU
  2. Demo Video 2: Prolaco - Process Hiding using DKOM - http://youtu.be/J7odu8OkBYs
  3. Demo Video 3: Darkmegi/waltrodock - Installs Device Driver - http://youtu.be/ZAWfu-tRzrc
  4. Demo Video 4: Carberp - Syscall Patch and Inline Hooks - http://youtu.be/ui_qLL3_w7A
  5. Book - The Rootkit Arsenal http://amzn.to/RXHvbN
  6. Volatility - An advanced memory forensics framework http://volatility-labs.blogspot.in