Level: Intermediate to Advanced

Duration: 64 hours

Table of Contents:

  • Introduction, lab configuration, reviews (Windows concepts, IDA Pro and Debuggers)
  • Code Injection techniques and Hooking.
  • x64 assembly reversing.
  • COM concepts and Cryptography.
  • Gathering relevant malware information.
  • Unpacking native binaries.
  • Sandbox.
  • Anti-analysis techniques: anti-debugging, anti-virtual machine, and anti-disassembly.
  • COM Reversing and PE Parsing.
  • Network communications, persistence and synchronization.
  • String decryption and API hash resolving.
  • Extracting C2 configuration through Python/IDA Python/IDC.
  • Using emulation and other techniques to speed up results.
  • Quick review of .NET internals.
  • Unpacking and analyzing .NET malware.
  • Shellcode reversing.