Pentest Tools

Published on January 16th, 2016 📆 | 7656 Views ⚑

0

RPISEC– Malware Analysis


iSpeech

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run solely by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills in reverse engineering, malicious behaviour, malware, and anti-analysis techniques.

With the increased use of the Internet and prevalence of computing systems in critical infrastructure, technology is undoubtedly a vital part of modern daily life. Unfortunately, the increasingly networked nature of the modern world has also enabled the spread of malicious software, or “malware”, ranging from annoying adware to advanced nation-state sponsored cyber-weaponry. As a result, the ability to detect, analyze, understand, control, and eradicate malware is an increasingly important issue of economic and national security.

[adsense size='1']

This course will introduce students to modern malware analysis techniques through readings and hands-on interactive analysis of real-world samples. After taking this course students will be equipped with the skills to analyze advanced contemporary malware using both static and dynamic analysis.

Expected demographic for RPISEC: Malware Analysis are students with zero reverse engineering experience.

 

Lecture Breakdown

Lecture Title Topics
01 Introduction Syllabus, Basic Static Analysis, Basic Dynamic Analysis
02 Advanced Static Analysis x86, IDA, Code Constructs
03 Analyzing Windows Programs WinAPI, Handles, Windows Internals, Networking, COM
04 Advanced Dynamic Analysis Debugging Concepts and Tools
05 Malware Behavior Malicious Activities and Techniques
06 Data Encoding and Malware Countermeasures Hiding Data, Malware Countermeasures
07 Covert Malware Launching Covert Launching and Execution
08 Anti-Analysis Anti-Disassembly, Anti-VM, Anti-Debugging, Anti-AV
09 Packing and Unpacking Packers, Packing, and Unpacking
10 Intro to Windows Kernel Kernel Basics, Windows Kernel API, Windows Drivers, Kernel Debugging
11 Rootkit Techniques Hooking, Patching, Direct Kernel Object Manipulation
12 Rootkit Anti-Forensics and Covert Channels Anti-forensics, Covert Channels

 

Tools

[adsense size='3']

Source && Download




Leave a Reply

Your email address will not be published.