Reverse Engineering and Malware Analysis Fundamentals

Beginners' course on reverse engineering and malware analysis

Rating: 4.50 (569 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Instructor: (not listed)
Students: 22,937
Content: 7 hours
Last update: May 2022
Regular price: $59.99

What you will learn

Flare VM Lab Setup

OS fundamentals

Windows API

Virtual Memory

PE file structure

Static Analysis

Dynamic Analysis

Network Analysis

Memory Analysis

Identifying Standard and Custom Packers

Unpacking Packed Malware

Debugging Malware

Analysing Malware using Ghidra

Dumping memory

and more...

Description

If you are completely new to reverse engineering and malware analysis, this course is for you. I will take you from zero to a proficient level in reverse engineering and analyzing malware, using plenty of practical walk-throughs. We start with the basics and gradually proceed to more advanced topics; every tool you need is introduced and explained. By the end of this course you will have the fundamentals of malware analysis under your belt and can go on to further study in the field. Even if you do not intend to take up malware analysis as a career, the reverse engineering and analysis skills you gain apply equally to reversing ordinary software.

Everything is highly practical: no dry theory lectures, but walk-throughs you can replicate and follow along with. We will use tools like TrIDNet, BinText, pestudio, CFF Explorer, Regshot, ProcDOT, FakeNet, Wireshark, Process Monitor, Process Hacker, xdbg (x64dbg), Ghidra and more.


Topics include:

  1. Lab Setup

  2. Tools

  3. OS Fundamentals

  4. Virtual Memory and the PE file

  5. Windows Internals

  6. Malware Components

  7. Static analysis

  8. Dynamic Analysis

  9. Network Analysis

  10. Unpacking Standard and Custom packers

  11. Dumping memory

    and more...


This course is suitable for:

  • Anyone who has no background in malware analysis and is just starting out in this field

  • Hobbyists who just like to learn how to reverse engineer and analyze malware

  • Students who would like to get started on the career path to becoming malware analysts

  • Hackers looking for additional tools and techniques to reverse software


The prerequisites:

Just a Windows PC and an interest in malware analysis or software reverse engineering.


Enroll now and I will see you inside.

Screenshots

Screenshot_01 to Screenshot_04 (images not reproduced)

Content

Introduction

Introduction

Installing Virtual Machine and configuring it

Installing Virtual Machine
Configuring the virtual machine

Installing the tools - Flare VM

Installing the tools - Flare VM

Files and File Formats

Files and File Formats
Exercise: Identify File Formats

Virtual Memory and the Portable Executable (PE) File

Process Creation
Virtual Memory
Portable Executable (PE) File - Part 1
Portable Executable (PE) File - Part 2
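The following is an added example and is not part of the course or its materials. It shows in working Python what the "Identify File Formats" exercise and the two PE lectures above deal with, and goes one step further into the packer-identification checks used in the later labs: it constructs a synthetic PE32 image in memory (build_sample_pe; the section layout, the 7.0 entropy threshold and the packer-name list are illustrative choices, not figures from the course), walks the DOS header, PE signature, COFF and optional headers and section table, and reports simple packer indicators.

```python
"""Added example (not the course's own code): walk the PE headers of a
synthetic executable and apply the packer heuristics an analyst checks in
pestudio or CFF Explorer before opening a debugger. build_sample_pe() constructs
the input in memory; no real malware sample is involved."""
import math
import random
import struct

# Small constructed magic-byte table; TrIDNet does the same job with thousands of signatures.
MAGIC = {b"MZ": "PE/DOS executable", b"\x7fELF": "ELF", b"PK\x03\x04": "ZIP/OOXML/JAR",
         b"%PDF": "PDF", b"7z\xbc\xaf\x27\x1c": "7-Zip", b"Rar!": "RAR"}
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x80000000
KNOWN_PACKER_NAMES = ("UPX", ".aspack", ".adata", ".petite", "MPRESS", ".vmp", ".themida")  # illustrative

def identify_format(data: bytes) -> str:
    """Identify a file by its leading bytes; 'unknown' means the table has no entry."""
    for sig, name in MAGIC.items():
        if data.startswith(sig):
            return name
    return "unknown"

def entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted data approaches 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    return -sum(c / len(buf) * math.log2(c / len(buf)) for c in counts if c)

def parse_pe(data: bytes) -> dict:
    """DOS header -> e_lfanew -> 'PE\\0\\0' -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    opt_magic = struct.unpack_from("<H", data, opt)[0]          # 0x10B = PE32, 0x20B = PE32+
    if opt_magic not in (0x10B, 0x20B):
        raise ValueError("unexpected optional header magic %#x" % opt_magic)
    entry = struct.unpack_from("<I", data, opt + 16)[0]          # AddressOfEntryPoint (an RVA)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i                            # IMAGE_SECTION_HEADER is 40 bytes
        name, vsize, va, rsize, raw = struct.unpack_from("<8sIIII", data, off)
        flags = struct.unpack_from("<I", data, off + 36)[0]      # Characteristics
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vsize": vsize, "va": va,
                         "rsize": rsize, "raw": raw, "flags": flags,
                         "entropy": entropy(data[raw:raw + rsize])})
    return {"machine": machine, "pe32plus": opt_magic == 0x20B, "entry": entry, "sections": sections}

def packer_indicators(pe: dict) -> list:
    """Cheap static tells that the image is packed; none of them is proof on its own."""
    hits = []
    for i, s in enumerate(pe["sections"]):
        if any(s["name"].upper().startswith(k.upper()) for k in KNOWN_PACKER_NAMES):
            hits.append("section %r name matches a known packer" % s["name"])
        if s["rsize"] == 0 and s["vsize"] > 0:
            hits.append("section %r has no raw data but %#x bytes virtual (unpack target)" % (s["name"], s["vsize"]))
        if s["entropy"] > 7.0:
            hits.append("section %r entropy %.2f looks compressed/encrypted" % (s["name"], s["entropy"]))
        if s["flags"] & IMAGE_SCN_MEM_EXECUTE and s["flags"] & IMAGE_SCN_MEM_WRITE:
            hits.append("section %r is writable and executable" % s["name"])
        if i > 0 and s["va"] <= pe["entry"] < s["va"] + max(s["vsize"], s["rsize"]):
            hits.append("entry point %#x is in section %r, not the first section" % (pe["entry"], s["name"]))
    return hits

def build_sample_pe(packed: bool) -> bytes:
    """Construct a minimal PE32 image in memory (synthetic test input, not a real binary)."""
    rng = random.Random(7)                                       # deterministic 'encrypted' payload
    if packed:   # UPX-style layout: empty UPX0 to unpack into, high-entropy UPX1 holding the stub
        secs = [("UPX0", b"", 0x8000, 0x1000, 0xE0000080),
                ("UPX1", bytes(rng.randrange(256) for _ in range(0x800)), 0x1000, 0x9000, 0xE0000040)]
        entry = 0x9040
    else:        # plain build: low-entropy code in .text, strings in .data, entry in .text
        secs = [(".text", b"\x55\x89\xe5\x31\xc0\x5d\xc3" * 64, 0x200, 0x1000, 0x60000020),
                (".data", b"Hello from a plain build\0" * 8, 0x100, 0x2000, 0xC0000040)]
        entry = 0x1000
    dos = bytearray(0x40); dos[:2] = b"MZ"; struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0102)          # i386, PE32
    opt = bytearray(224); struct.pack_into("<H", opt, 0, 0x10B); struct.pack_into("<I", opt, 16, entry)
    raw_off = (0x40 + 4 + 20 + 224 + 40 * len(secs) + 0x1FF) & ~0x1FF   # first raw section at 0x200
    table, bodies = b"", b""
    for name, body, vsize, va, flags in secs:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, va, len(body),
                             raw_off + len(bodies) if body else 0, 0, 0, 0, 0, flags)
        bodies += body
    return (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table).ljust(raw_off, b"\0") + bodies

if __name__ == "__main__":
    for label, image in (("plain", build_sample_pe(False)), ("packed", build_sample_pe(True))):
        pe = parse_pe(image)
        print(label, identify_format(image), "entry=%#x" % pe["entry"])
        for s in pe["sections"]:
            print("  %-8s va=%#06x vsize=%#06x raw=%#06x H=%.2f" % (s["name"], s["va"], s["vsize"], s["rsize"], s["entropy"]))
        for h in packer_indicators(pe):
            print("  !", h)
```

Run it directly to print both the plain and the packed layout. On a real sample the same parse_pe and packer_indicators calls work on the file's bytes; a hit on any indicator is a cue to move on to the dynamic unpacking workflow in xdbg and Process Hacker, not a verdict by itself, and a clean result does not rule out a custom packer.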

Windows Internals

Win32 API

Intro to Static and Dynamic Analysis

Intro to Static and Dynamic Analysis

Installing additional tools

Installing additional tools - bintext
Installing additional tools - graphviz

Lab: Static Analysis of Malware Sample 1

Lab: Static Analysis of Malware Sample 1

Dynamic Analysis Workflow

Dynamic Analysis Workflow

Lab: Dynamic Analysis of Malware Sample 1

Lab: Dynamic Analysis of Malware Sample 1

Lab: Procdot Analysis of Malware Sample 1

Lab: Procdot Analysis of Malware Sample 1

Lab: Network Analysis of Malware Sample 1

Lab: Network Analysis of Malware Sample 1

Lab Exercise: Intro to Analysis of Malware Sample 2

Lab Exercise: Intro to Analysis of Malware Sample 2

Lab: Static Analysis of Malware Sample 2 - Unpacking

Lab: Static Analysis of Malware Sample 2 - Unpacking

Lab: Static Analysis of Malware Sample 2 - Embedded Strings Analysis

Lab: Static Analysis of Malware Sample 2 - Embedded Strings Analysis
Lab: Static Analysis of Malware Sample 2 - PE Header and Hash Analysis
Lab: Static Analysis of Malware Sample 2 - Regshot Analysis
Lab: Static Analysis of Malware Sample 2 - Procdot Analysis
Lab: Static Analysis of Malware Sample 2 - Network Analysis

Reverse Engineering Malware Sample 3

Intro to Malware Sample 3
Decompiling and extraction using exe2aut
Disassembling and Decompiling with Ghidra
Debugging with xdbg
Dumping Memory Using Process Hacker

Reverse Engineering Malware Sample 4 (Ransomware)

Intro To Malware Sample 4 (TeslaCrypt Ransomware)
File and Packer Identification
Debugging and Unpacking with xdbg and Process Hacker
Unpacking - Part 2
Analysis with Ghidra

Reverse Engineering Malware Sample 5 (Simda Trojan)

Intro To Malware Sample 5 (Simda Trojan)
File and Packer Identification
Identifying Abnormal Epilogues
Unpacking the Shellcode
Final Unpacking and Analysis in Ghidra

Resources For Further Study

Bonus Lecture

Reviews

Sekar
May 26, 2022
The instructor is very clear about what needs to be taught to absolute beginners. I was referred to this course by another person who was taking an advanced malware certification. I watched the Ghidra part twice just to make sure I was understanding it properly. Kudos to the instructor.
Michael
May 13, 2022
I took another course before this one. I can say without a doubt that this is one of the best courses. Paul is very knowledgeable and it reflects in this course. I took a programming course in college, but never did it professionally. It does help to have knowledge of programming before taking this course. Know what a variable, function, loop, return etc. are. I would give this course 5 stars but I wasn't aware how a debugger works before taking the class. The effect of which OS you use can change the syntax of the debugger. It was hard to follow about half way in; he did add an update section to help (Section 19, Video 32). I found it easier to use Windows 7 as he does in most of his videos, at least to grasp better what he was trying to teach. After that, once I knew what I was looking for, I was able to finish the course using Windows 10. Great course.
Hiroaki
April 10, 2022
You can learn the basics of analysis while getting hands-on with each of the tools used in malware analysis. However, since this is a fundamentals course, it does not go much into deeper analysis of malware (static analysis for working out detailed behaviour), so keep that in mind.
Susan
March 14, 2022
Excellent course. I needed a refresher and this not only did that but taught me new things. I love Ghidra!
Michael
March 4, 2022
This is an amazing course in which Paul explains in plain language and very much detail the intricacies of Malware Analysis. He is very involved in this course answering questions within 24 hours, and in my case, he even took the time to record a separate video and share it with me (and the rest of the students) on YouTube, just to explain a concept... now that's what I consider real dedication from a professor! Thank you Paul for such a great experience. Looking forward to the Intermediate course and I hope you will consider also an Advanced Malware Analysis course.
Elias
February 6, 2022
I really enjoyed the deep technical analysis. My favourite part was the fact that we went very deep into the packing, and did not just do some simple examples. For example, the Simda analysis was very cool: it showed multiple different layers of obfuscation and I really appreciated it. I would have liked to know more about analysis in Ghidra; sometimes I open up a binary and I have no idea what sort of patterns/things to look out for. The course talked about uncommon function epilogues and two Windows functions, but that's it. I would have liked to know more. So a course/lecture about some common patterns to keep an eye on when analyzing in Ghidra would be super helpful! That being said, the course was still very enjoyable. Thank you so much!
Robert
January 29, 2022
Great course by a talented reverse engineering professional. You are taught how to use tools to conduct static analysis, then taught techniques to conduct reverse engineering on crackme files. The student is able to follow along and learn why steps are taken and the methodology of reverse engineering. This class was a unique find as all steps were repeatable! Lectures were in a logical format, well paced, and helped to solidify the underlying principles taught. Overall, I highly recommend this course for students looking to gain a firm understanding of reverse engineering. I also look forward to future courses by this instructor!
Matti
January 14, 2022
Very easy to follow along, and the prof answers questions within a day. I highly recommend not only the course but the prof as well. I'm not exactly advanced when it comes to this stuff, but he teaches things in a simple way. You may need to Google some things, but he assumes you have little prior knowledge of the contents, which is very good for beginners.
Mark
January 10, 2022
Instructor is a skilled communicator of technical information. His experience as a college lecturer is evident.
Roi
November 30, 2021
Hard to understand the speech. Need more in-depth explanation of the things we see, like the tools used and what they are for, beyond what was shown.
Morgan
November 30, 2021
This was a great beginner course for reverse engineering. I learned how to break down a sample in order to put meaningful details in a report. Looking forward to the intermediate course.
Steve
November 20, 2021
I appreciate how the instructor gives a very straightforward explanation of each step in the sections. He is very patient and makes it easy to follow the workflow processes and his logic.
Fuad
November 19, 2021
I ran into difficulty finding installation resources on the net. The course needs a powerful laptop configuration. Disappointed! You need two screens to do this course properly.
A
November 4, 2021
Very clear explanation. This course is absolutely fit for beginners. The author explains all in detail.
Ben
September 5, 2021
Only about halfway through the course, but I've taken others from this instructor. I like his teaching style and I'm learning a lot of great stuff from him.

Charts

Price chart, ratings chart and enrollment distribution chart (images not reproduced)

Coupons

Date        Discount   Status
5/8/2021    83% OFF    expired
5/19/2021   100% OFF   expired
10/1/2021   100% OFF   expired
10/26/2021  83% OFF    expired
11/2/2021   83% OFF    expired
4/18/2022   83% OFF    expired
Udemy ID: 3943908
Course created: 3/28/2021
Course indexed: 5/7/2021
Course submitted by: Bot