Level: Intermediate to Advanced
Duration: 64 hours
Table of Contents:
- Introduction, lab configuration, reviews (Windows concepts, IDA Pro and Debuggers)
- Code Injection techniques and Hooking.
- x64 assembly reversing
- COM concepts and Cryptography.
- Gathering relevant malware information.
- Unpacking native binaries.
- Anti-analysis techniques: anti-debugging, virtual machines, and disassembly.
- COM Reversing and PE Parsing.
- Network communications, persistence and synchronization.
- String decryption and API hash resolving.
- Extracting C2 configuration through Python/IDA Python/IDC.
- Using emulation and other techniques to speed up results.
- Fast review about .NET internals.
- Unpacking and analyzing .NET malware.
- Shellcode reversing