Posted on 2012-10-15, by honhungoc.
SANS 610 – Reverse Engineering Malware: Malware Analysis Tools and Techniques
AVI | 2.3 GB
The malware analysis process taught in this class helps incident responders assess the severity and repercussions of a situation that involves malicious software. It also assists in determining how to contain the incident and plan recovery steps. Forensics investigators also learn how to understand key characteristics of malware present on compromised systems, including how to establish indicators of compromise (IOCs) for scoping and containing the intrusion.
A Methodical Approach to Reverse-Engineering
The course begins by covering fundamental aspects of malware analysis. You’ll learn how to set up an inexpensive and flexible laboratory for understanding the inner workings of malicious software and will understand how to use the lab for exploring characteristics of real-world malware. Then you’ll learn to examine the program’s behavioral patterns and code. Afterwards, you’ll experiment with reverse-engineering compiled Windows executables and browser-based malware.
The course continues by discussing essential x86 assembly language concepts. You’ll examine malicious code to understand the program’s key components and execution flow. Additionally, you’ll learn to identify common malware characteristics by looking at Windows API patterns and will examine excerpts from bots, rootkits, keyloggers, and downloaders. You’ll understand how to work with PE headers and handle DLL interactions. Furthermore, you’ll learn tools and techniques for bypassing anti-analysis capabilities of armored malware, experimenting with packed executables and obfuscated browser scripts.
Towards the end of the course, you’ll learn to analyze malicious document files that take the form of Microsoft Office and Adobe PDF documents. Such documents act as a common infection vector and need to be understood by enterprises concerned about both large-scale and targeted attacks. The course also explores memory forensics approaches to examining rootkits. Memory-based analysis techniques also help you understand the context of an incident involving malicious software.
Hands-On Training for Malware Analysis and Reversing
Hands-on workshop exercises are a critical aspect of this course and allow you to apply reverse-engineering techniques by examining malware in a controlled environment. When performing the exercises, you’ll study the supplied specimen’s behavioral patterns and examine key portions of its code. You’ll examine malware on a Windows virtual machine that you’ll infect during the course and will use the supplied Linux virtual machine (REMnux) that includes tools for examining and interacting with malware.
Complexity of the Course: Formalizing and Expanding Your Malware Analysis Skills
While the field of reverse-engineering malware is in itself advanced, the course begins by covering this topic from an introductory level and quickly progresses to discuss malware analysis tools and techniques of intermediate complexity.
Neither programming experience nor knowledge of assembly is required to benefit from the course. However, you should have a general idea about core programming concepts, such as variables, loops, and functions. The course spends some time discussing essential aspects of x86 assembly to allow malware analysts to navigate through malicious executables using a debugger and a disassembler.