Description: Introduces the course, malware goals and concepts, and the analyst mindset.
Description: High level overview of malware analysis tools, their anatomy and basic usage.
Description: Discusses in depth the Microsoft Portable Executable, Linux ELF, Apple MachO, and Adobe PDF file formats.
Description: Covers concepts such as basic assembly instructions, functions, flow graphs, and general IDA Pro usage.
Description: Provides instruction on the use of OllyDBG, WinDBG, GDB, how to set breakpoints, find strings in memory, examine CPU registers and flags, and much more.
Description: Concepts and techniques that malware authors use to get around Anti-Virus and other host based security products.
Description: The basics of how code obfuscation works and how to get around it as an analyst. Focuses on windows executables.
Description: Introduction to the AutoIt scripting language and how it is used maliciously along with analysis approaches.
Description: Deep dive into windows office and PDF based malware. Explains anti-analysis methods and how to overcome them.
Description: Exposes how malware authors employ the use of scripting language such as batch, powershell and VBscript along with what an analyst can do when faced with these types of attacks.
Description: The most important part of the course; how to most effectively communicate what you learn as an analyst to the different stakeholder audiences.