Menu
  • Home
  • Radar Console
    • About the Radar
    • Go to Radar Console
    • Vulnerability Details
    • Overall Alerts
  • The Product Directory
    • About the Product Directory
  • CND Community
    • Contact Us
    • Blog
    • Packet Headers
    • Other Charts
    • Security Cartoons
  • Home
  • Radar Console
    • About the Radar
    • Go to Radar Console
    • Vulnerability Details
    • Overall Alerts
  • The Product Directory
    • About the Product Directory
  • CND Community
    • Contact Us
    • Blog
    • Packet Headers
    • Other Charts
    • Security Cartoons

Reverse-Engineering Malware: Malware Analysis Tools and Techniques

Learn to turn malware inside out! This popular reversing course explores malware analysis tools and techniques in depth. FOR610 training has helped forensic investigators, incident responders, security engineers, and threat analysts acquire the practical skills to examine malicious programs that target and infect Windows systems.

Understanding the capabilities of malware is critical to your ability to derive threat intelligence, respond to cybersecurity incidents, and fortify enterprise defenses. This course builds a strong foundation for reverse-engineering malicious software using a variety of system and network monitoring utilities, a disassembler, a debugger, and many other freely available tools.

The course begins malware analysis essentials that let you go beyond the findings of automated analysis tools. You will learn how to set up a flexible laboratory to examine the inner workings of malicious software, and how to use the lab to uncover characteristics of real-world malware samples. You will also learn how to redirect and intercept network traffic in the lab to derive additional insights and indicators of compromise. You will also start mastering dynamic code analysis techniques with the help of a debugger.

The course continues by discussing essential assembly language concepts relevant to reverse engineering. You will learn to examine malicious code with the help of a disassembler and a decompiler to understand key capabilities and execution flow. In addition, you will learn to identify common malware characteristics by looking at suspicious Windows API patterns employed by malicious programs.

Next, you will dive the analysis of malicious Microsoft Office, RTF, and PDF document files, which are often used as part of the attack chain in mainstream and targeted attacks. You'll learn how to examine macros and other threats that such documents might pose. The course will also teach you how to deobfuscate malicious scripts in the form of JavaScript and PowerShell scripts. You'll also learn how to examine shellcode.

Malware is often obfuscated to hinder analysis efforts, so the course will equip you with the skills to unpack malicious Windows executables. You will learn how to dump such programs from memory or otherwise bypass the packer's protection with the help of a debugger and additional specialized tools. You will also learn how to examine malware that performs code injection and API hooking to to conceal its presence on the system or interfere with information flow.

FOR610 malware analysis training also teaches how to handle malicious software that attempts to safeguard itself from analysis. You will learn how to recognize and bypass common self-defensive measures, including "fileless" techniques, sandbox evasion, flow misdirection, debugger detection, and other anti-analysis measures.

<p al

Rating
0 vote
Favoured:
0

Listing Details

Vendor
SANS
Website
Visit the Product Site
Pricing Model
Commercial
Modified
2022-09-06
Owner
michelemjordan
Add'l Info
Location - Worldwide Duration
Created
2009-02-19
  • 1522.png
RecommendReport
  • Web Application FW +
  • Cloud Security Services
  • Static Code Analysis
  • Boundary Guards +
  • Network Anomoly Detection +
  • Scanning Products +
  • Network Access Control
  • Server Security Products +
  • Endpoint Security +
  • Forensic Solutions +
  • Malware Protection +
  • Patch Management +
  • Reputational Intelligence
  • Insider Threat Solutions
  • Phishing Assessment
  • Virtualisation Security
  • SIEM
  • Vulnerability Alert Services
  • Security Training +
    • - Ethical Hacking
    • - CISSP Training
    • - Virus Training
    • - Intro to Security
    • - Intrusion Detection
    • - Firewalls and VPNs
    • - Unix and Linux Training
    • - Windows Security
    • - Forensics Training
    • - Incident Response
    • - Database Security
    • - Web Server Security
    • - Wireless Security
    • - Programming Security
    • - Network Security
    • - UK University Programs +
    • - US University Programs +
  • Security Conferences
  • Password Managers
  • TSCM Bug Sweeping +
  • Geeky Gadgets
  • Visio Stencils
  • Uncategorised

CND Services - Assessing Your Security

  • Risk Assessment
  • Cyber Profile Assessment
  • Cyber Essentials
  • Vulnerability Assessment
  • Web App Scanning
  • Penetration Testing
  • Red Teaming
  • Phishing Assessment
  • Security Compliance
  • Firewall Audit
  • Forensic Readiness
  • vCISO
  • Aviation vCRSM
  • Maritime vCySO

CND Services - Preventing an Attack

  • Superyacht Cyber
  • Secure Cloud Configuration
  • Security Architecture
  • IDS & IPS
  • Blockchain Security
  • Data Loss Prevention
  • System Security Hardening
  • Insider Threat Prevention
  • Cisco Advanced Security
  • Vulnerability Management

CND Services - Detecting an Attack

  • Splunk Services
  • SIEM
  • XDR
  • MDR
  • EDR
  • Building a SOC
  • SOC Maturity
  • Staffing a SOC
  • Cloud Security Monitoring
  • Insider Threat Detection
  • GPG13 Protective Monitoring
  • Cyber Threat Intelligence
  • Branded Radar Console

CND Services - Responding to Incidents

  • Breach Triage
  • Incident Response
  • Incident Support
  • Breach Impact
  • Root Cause Analysis
  • Breach Remediation
  • Risk Assessment
  • Forensic Readiness
  • IR Planning

CND Services - Managed Security

  • Managed SOC
  • Managed Cyber Education
  • Managed Phishing Assessments
  • vCISO
  • Vulnerability Assessments
  • Vulnerability Management
  • XDR
  • MDR
  • EDR
  • Managed SIEM

CND Services - Superyacht Services

  • Complete IMO Cyber
  • Superyacht Intelligence
  • Cyber Assessment
  • Cyber Plan & Policies
  • Cyber Monitoring
  • Cyber Officer CySO
  • Maritime Blog

CND Services - Recruitment

   

© Computer Network Defence Limited 2023

Privacy Notice
Terms & Conditions
Send us a Message