
Tutorial Malware Analysis Tutorials: a Reverse Engineering Approach by Dr. Xiang Fu

Discussion in 'Reverse engineering' started by storm shadow, Mar 9, 2015.


  storm shadow

    Author: Dr. Xiang Fu

    Roadmap: You need to first follow Tutorials 1 to 4 to set up the lab configuration. Then each tutorial addresses an independent topic and can be completed separately (each one will have its own lab configuration instructions).

    Malware Analysis Tutorial 1: A Reverse Engineering Approach (Lesson 1: VM Based Analysis Platform)
    Malware Analysis Tutorial 2: Introduction to Ring3 Debugging
    Malware Analysis Tutorial 3: Int 2D Anti-Debugging
    Malware Analysis Tutorial 4: Int 2D Anti-Debugging (Part II)
    Malware Analysis Tutorial 5: Int 2D in Max++ (Part III)
    Malware Analysis Tutorial 6: Self-Decoding and Self-Extracting Code Segment
    Malware Analysis Tutorial 7: Exploring Kernel Data Structure
    Malware Analysis Tutorial 8: PE Header and Export Table
    Malware Analysis Tutorial 9: Encoded Export Table
    Malware Analysis Tutorial 10: Tricks for Confusing Static Analysis Tools
    Malware Analysis Tutorial 11: Starling Technique and Hijacking Kernel System Calls using Hardware Breakpoints
    Malware Analysis Tutorial 12: Debug the Debugger - Fix Module Information and UDD File
    Malware Analysis Tutorial 13: Tracing DLL Entry Point
    Malware Analysis Tutorial 14: Retrieve Self-Decoding Key
    Malware Analysis Tutorial 15: Injecting Thread into a Running Process
    Malware Analysis Tutorial 16: Return Oriented Programming (Return to LIBC) Attack
    Malware Analysis Tutorial 17: Infection of System Modules (Part I: Randomly Pick a Driver)
    Malware Analysis Tutorial 18: Infecting Driver Files (Part II: Simple Infection)
    Malware Analysis Tutorial 19: Anatomy of Infected Driver
    Malware Analysis Tutorial 20: Kernel Debugging - Intercepting Driver Loading
    Malware Analysis Tutorial 21: Hijacking Disk Driver
    Malware Analysis Tutorial 22: IRP Handler and Infected Disk Driver
    Malware Analysis Tutorial 23: Tracing Kernel Data Using Data Breakpoints
    Malware Analysis Tutorial 24: Tracing Malicious TDI Network Behaviors of Max++
    Malware Analysis Tutorial 25: Deferred Procedure Call (DPC) and TCP Connection
    Malware Analysis Tutorial 26: Rootkit Configuration
    Malware Analysis Tutorial 27: Stealthy Loading of Malicious Driver
    Malware Analysis Tutorial 28: Break Max++ Rootkit Hidden Drive Protection
    Malware Analysis Tutorial 29: Stealthy Library Loading II (Using Self-Modifying APC)
    Malware Analysis Tutorial 30: Self-Overwriting COM Loading for Remote Loading DLL
    Malware Analysis Tutorial 31: Exposing Hidden Control Flow
    Malware Analysis Tutorial 32: Exploration of Botnet Client
    Malware Analysis Tutorial 33: Evaluation of Automated Malware Analysis System I (Anubis)
    Malware Analysis Tutorial 34: Evaluation of Automated Malware Analysis Tools CWSandBox, PeID, and Other Unpacking Tools