- Building a Free Malware Lab
- Pytips for Deobfuscation
- Yara Rules (under construction!)
- IR18 Slides!
- _TEB Structure 64-bit
- _TIB Structure 64-bit
- _PEB Structure 64-bit
- _PEB_LDR_DATA Structure 64-bit
- _LDR_DATA_TABLE_ENTRY Structure 64-bit
- _LIST_ENTRY Structure 64-bit
- _EPROCESS Structure 64-bit
- Analyzing Windows shellcode - triage, disassemble, debug.
- Online resources:
- Malware Unicorn: https://securedorg.github.io/RE101/
- OA Labs: https://www.youtube.com/channel/UC--DwaiMV-jtO-6EvmKOnqg
- Malware Analysis for Hedgehogs: https://www.youtube.com/channel/UCVFXrUwuWxNlm6UNZtBLJ-A
- Colin Hardy: https://www.youtube.com/channel/UCND1KVdVt8A580SjdaS4cZg
- MalwareTech: https://www.youtube.com/channel/UCLDnEn-TxejaDB8qm2AUhHQ
- Didier Stevens: https://www.youtube.com/user/dist67/videos
- x86 Opcode and Instruction Reference: http://ref.x86asm.net/coder32.html
- Syscall Reference: https://syscalls.kernelgrok.com/
- Books:
- Practical Malware Analysis
- Malware Analyst's Cookbook
- Learning Malware Analysis
- Practical Reverse Engineering
- Secrets of Reverse Engineering
- Art of Memory Forensics
- Windows Internals
- Malware Samples
- app.any.run
- reverse.it
- malware-traffic-analysis.net
- https://github.com/ytisf/theZoo/tree/master/malwares/Binaries