Course Description
The course covers several modules to help you start your journey in analyzing malware. Each module focuses on different skills building up your analysis arsenal, with skills related to PE analysis, assembly and reverse engineering, debugging, deobfuscation, and reporting.
Syllabus
After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.
1. Introduction to Malware Analysis
2. Working with a Sandbox and Different Analysis Tools
3. PE File Analysis
4. Assembly x86/x64 Crash Course
5. Reverse Engineer and Debugging Malware
6. Analyzing Different Injection Techniques
7. Malware Persistence Mechanisms
8. Obfuscation and Anti-Analysis Techniques
9. Analyzing Malware Armed with Shellcode
10. Analyzing Managed Code (readable/uncompiled)
11. Extracting IOCs and writing YARA Rules
12. Writing Reports
2. Working with a Sandbox and Different Analysis Tools
3. PE File Analysis
4. Assembly x86/x64 Crash Course
5. Reverse Engineer and Debugging Malware
6. Analyzing Different Injection Techniques
7. Malware Persistence Mechanisms
8. Obfuscation and Anti-Analysis Techniques
9. Analyzing Malware Armed with Shellcode
10. Analyzing Managed Code (readable/uncompiled)
11. Extracting IOCs and writing YARA Rules
12. Writing Reports
Instructor
Ali Hadi is a highly accomplished and experienced Senior Cybersecurity Specialist with 14+ years of professional experience in Information Technology. He is currently working as a full-time professor and researcher at the Computer and Digital Forensics and Cybersecurity Departments of Champlain College, USA. Ali is a Co-Founder and the Chief Technology Officer of Cyber 5W. He holds a PhD and MSc degree in Computer Information Systems, as well as a BSc degree in Computer Science. Throughout his professional career, Ali has earned more than 20 professional certifications. Ali is a sought-after consultant in the field of cybersecurity, offering expertise in areas such as digital forensics, incident response, adversary simulation, offensive security, and malware analysis. He is also an established author, speaker, and freelance instructor, having provided technical training to government and private firms as well as other organizations. Ali continues to be an influential figure in the digital forensics community and is dedicated to promoting forensics education and research. More details could be found here or contact him directly through twitter here.
Learning Objectives
After completing this course, the student will be able to perform the following:
-
Ability to Analyze Malware using Different Tools and Sandboxes
-
Learn assembly x86/x64
-
Learn how to reverse engineer and debug malware
-
Ability to analyze malware with different injection techniques
-
Learn about malware persistence, obfuscation, and anti-analysis techniques
-
Learn how to locate and analyze malware using shellcode
-
Ability to analyze malware written using managed languages, such as: .NET, HTA, VBScript, Python, and JavaScript
-
Ability to extract IOCs from malware samples and turn them into YARA rules
-
Learn how to write malware analysis reports
Prerequisites
Basic knowledge of operating systems, programming, and knowing assembly would be a plus.
The Value of the Training
After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.
Who is this Training For?
Anyone who is willing to start a career in this field and needs the skills to do malware analysis, and also those who are curious about learning how to analyze malware.
System Requirements:
what you need to for the course
1. Computer or laptop with a Linux/Windows/Mac Operating System.
2. Capability of running virtualization software (VMWare or VirtualBox) and the attendee is comfortable of running malware on it.
3. More than 50 GB of disk space for the VMs used.
2. Capability of running virtualization software (VMWare or VirtualBox) and the attendee is comfortable of running malware on it.
3. More than 50 GB of disk space for the VMs used.
Cancellation Policy:
Info you need to know to get a refund
Full refunds will be provided up to 14 days before the course start date. You are allowed to change the course schedule up to 10 days before the course starts.