This course is a one day introduction to reverse engineering malware in the Linux environment. Delegates will be guided through the entire process gaining new skills and experience reverse engineering malicious software with an insight in to the techniques used by malware to spread and infect other machines and devices and obfuscate their activity.
Delegates will gain hands on experience using decompilers, debuggers, network traffic analysis tools, hex editors and memory analysis tools.
This course is aimed at an introductory level to those wishing to learn both the basics and advanced techniques used to reverse engineer software. This course would be ideal for incident responders who want to take a more proactive role in analyzing identified threats.
This course will be suitable for delegates interested in the SANS Institute course FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques.
Module 1 Identifying Malware:
This module covers the various types of malware and the techniques used by malware to spread and infect other devices and obfuscate themselves with a look at IOT and current threats.
This module will cover the following subjects:
Module 2 Analysing malware:
This module covers the various tools, techniques and procedures used to create safe sandboxed environments for analysing malware with hands on experience using virtual machines, debuggers, decompilers and network traffic analysis tools used to dissect and analyse malware.
Delegates will gain hands on experience in the following areas:
Experience with Linux is advantageous however it is not essential as the instructor will guide the delegates through each task.