This course is logically designed to guide students gradually through some of the complicated parts of static and dynamic analysis of real-world malware. Instead of covering the topic broadly on the surface, we will take all the ramifications presented to us by the sample and use them as opportunities to deep dive and learn.
During our investigations we will cover a lot of adjacent topics. We will write Python deobfuscation scripts, embed assembly algorithms into C++ libraries, analyse steganography tricks and encryption flaws and many many more.
The course is very practical and exercises have been designed and tested for an updated Windows 8.1 operating system. There are no pre-requisites for this class other that a Windows virtual machine and the will to learn. All the 3rd party tools discussed are freely available online. Familiarity with Python and C/C++ is beneficial because these two are heavily used throughout the modules.
Assessments:
To get the most out of this course, I recommend doing all the assignments.
All the 6 practical assignments can be solved using information from the course.
There are no solutions provided, because I believe we learn best by doing.
I'm asking each student to send in their solutions to all the exercises at the end of the course.
If you stumble or have any questions, I'm more than happy to help anytime. Reach out directly or via the Q&A section.
Feel free to discuss the assignments with other students in the Q&A section, but please don't post the solutions or answers online.