Level: Intermediate to Advanced

Duration: 64 hours

Table of Contents:

• Introduction, lab configuration, reviews (Windows concepts, IDA Pro and Debuggers)
• Code Injection techniques and Hooking.
• x64 assembly reversing
• COM concepts and Cryptography.
• Gathering relevant malware information.
• Unpacking native binaries.
• Sandbox
• Anti-analysis techniques: anti-debugging, virtual machines, and disassembly.
• COM Reversing and PE Parsing.
• Network communications, persistence and synchronization.
• String decryption and API hash resolving.
• Extracting C2 configuration through Python/IDA Python/IDC.
• Using emulation and other techniques to speed up results.
• Fast review about .NET internals.
• Unpacking and analyzing .NET malware.
• Shellcode reversing