Reverse Engineering & Malware Analysis - Intermediate Level

An Intermediate Level Course on Reverse Engineering and Analyzing Malware

4.64 (248 reviews)
Udemy
platform
English
language
Network & Security
category
Paul Chin
instructor
Reverse Engineering & Malware Analysis - Intermediate Level
11,458
students
5.5 hours
content
Feb 2024
last update
$79.99
regular price

What you will learn

Types of Malware and Terminologies

Static Analysis

Dynamic Analysis

Assembly Language Refresher and Malicious APIs

API Hooking, Process Hijacking, Dumping Memory

Identifying Standard and Custom Packers

Unpacking Packed Malware

Enumerating Breakpoints and Memory Tracing

Hooking VirtualProtect, VirtualAlloc, GetProcAddress, CreateProcessInternalW and other common API's

Using Scylla Plugin to Dump Memory, Fixing IAT Tables

Using Delphi Interactive Reconstructor

Dumping Memory from Memory Viewer, Process Hacker and Memory Maps

API Enumeration Count Trick To Know When to Dump

Self-Injection and Remote Thread Injection

Fixing Section Alignments, Unmapping and Re-Basing Dumped Files

and more...

Why take this course?

If you already have some basic reverse engineering and malware analysis knowledge and wish to go further, then this course is for you. I will take you from basic to intermediate level in reverse engineering and analyzing malware. You will learn using plenty of practical walk-throughs. The focus of this course will be on how to unpack malware. Most modern malware are packed in order to defeat analysis. Hence, this Intermediate Level Course provides the required knowledge and skills to unpack malware. All the needed tools will be introduced and explained. By the end of this course, you will have the intermediate level skill in malware analysis under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, still the knowledge and skills gained in reverse engineering and analysis would be beneficial to you to reverse software as well.

Everything is highly practical.  No boring theory or lectures. More like walk-throughs which you can replicate and follow along.  We will focus on API Hooking and Memory Analysis and Tracing to determine where and when to dump memory after a malware has unpacked its payload into memory. In this course, we will be using Oracle Virtual Machine installed with Flare-VM.  Take note that all software used in this course are free.


Topics include:

  1. Types of Malware and Terminologies

  2. Dynamic and Static Analysis

  3. Assembly Language Refresher and Malicious APIs

  4. API Hooking, Process Hijacking, Dumping Memory

  5. Fixing Section Alignments, Un-mapping and Re-Basing Dumped Files

  6. Enumerating Breakpoints and Memory Tracing

  7. Hooking VirtualProtect, VirtualAlloc, GetProcAddress, CreateProcessInternalW and other common API's

  8. Using Scylla Plugin to Dump Memory

  9. Using Delphi Interactive Reconstructor

  10. Dumping Memory from Memory Viewer, Process Hacker and Memory Maps

  11. API Enumeration Count Trick To Know When to Dump

  12. Self-Injection and Remote Thread Injection

  13. and more...


This course is suitable for:

  • Students who has already done a basic level malware analysis course

  • Hackers looking for additional tools and techniques to reverse software

  • Reverse Engineers who want to venture into malware analysis


The prerequisites:

  • Some basics in malware analysis or software reverse engineering.

  • Windows PC with Virtual Machine and Flare-VM Installed.


Note:

If you do not have the basics of malware analysis, it is recommended to take my earlier course first, which is entitled:

Reverse Engineering & Malware Analysis Fundamentals


Go ahead and enroll now. I will see you inside!

Screenshots

Reverse Engineering & Malware Analysis - Intermediate Level - Screenshot_01Reverse Engineering & Malware Analysis - Intermediate Level - Screenshot_02Reverse Engineering & Malware Analysis - Intermediate Level - Screenshot_03Reverse Engineering & Malware Analysis - Intermediate Level - Screenshot_04

Reviews

Peter
June 5, 2023
Really awesome course overall, you get a lot of good training in working with a debugger. There were some differences on a few malware samples that the debugger didn't hit certain breakpoints for some reason, but I was able to follow along with most samples and learn a lot of cool tricks, and learn some processes involved in unpacking some malware samples.
Korbin
October 11, 2022
Really Enjoyed the first course, this one is just as good. Great instructor and I'm learning so much! Thanks Mr. Chin! Keep up the great work.
Joseph
September 1, 2022
I got into Reverse Engineering of Malware as a pen testers - since it is a required skill that is mostly overlooked by most hackers. I signed up to several different courses that were Zero to Hero, but almost everyone had only a few examples on using outdated tools - and then jumped right into reversing at a high rate of speed. This course is not only direct and quick - but it shows exactly what to do and when to do it - while demonstrating each tool and how to use it. I learned a ton of stuff that I was missing in other courses I've taken. I'm highly confident I now know what to do and what to look for when unpacking and analyzing malware !
Mohit
August 14, 2022
Informative and helpful for debugging the malware. For the future, please add some more samples like Cobalt Strike
Sekar
May 31, 2022
Thank you Paul for the amazing course. I took both fundamental and intermediate course and learned a lot from it.
Jeffrey
October 14, 2021
A great course by a knowledgeable instructor. He is quick to respond if you have any questions about the course.
Francesco
September 10, 2021
As in all his courses, Prof. Chin manages to define the concepts in a clear and concise way. In particular, this course is suitable for those who have a base in Reverse Engineering and Malware Analysis (perhaps after having followed the basic course that the Prof. has published) and for those who want to learn how to unpack software in general. In this case we are talking about malware, but I am sure that these well explained techniques will allow the unpacking of software in general. Absolutely recommended, as well as the basic course! Thank you very much Prof. Paul!
Ronnie
August 17, 2021
Love the video it's practical and hands on. This is what security professionals are needing to help better secure their company.

Charts

Price

Reverse Engineering & Malware Analysis - Intermediate Level - Price chart

Rating

Reverse Engineering & Malware Analysis - Intermediate Level - Ratings chart

Enrollment distribution

Reverse Engineering & Malware Analysis - Intermediate Level - Distribution chart

Related Topics

Reverse Engineering
Malware
4108556
udemy ID
6/8/2021
course created date
7/22/2021
course indexed date
Bot
course submited by