Malware Analysis Tutorials: A Reverse Engineering Approach

Started by Jean Grey, December 13, 2017, 05:18:08 PM



Roadmap: You should first follow tutorials 1 to 4 to set up the lab environment. After that, each tutorial covers an independent topic and can be completed on its own (each has its own lab setup instructions).


Malware Analysis Tutorial 1- A Reverse Engineering Approach (Lesson 1: VM Based Analysis Platform)

Malware Analysis Tutorial 2- Introduction to Ring3 Debugging

Malware Analysis Tutorial 3- Int 2D Anti-Debugging

Malware Analysis Tutorial 4- Int 2D Anti-Debugging (Part II)

Malware Analysis Tutorial 5- Int 2D in Max++ (Part III)

Malware Analysis Tutorial 6- Self-Decoding and Self-Extracting Code Segment

Malware Analysis Tutorial 7: Exploring Kernel Data Structure

Malware Analysis Tutorial 8: PE Header and Export Table

Malware Analysis Tutorial 9: Encoded Export Table

Malware Analysis Tutorial 10: Tricks for Confusing Static Analysis Tools

Malware Analysis Tutorial 11: Starling Technique and Hijacking Kernel System Calls using Hardware Breakpoints

Malware Analysis Tutorial 12: Debug the Debugger - Fix Module Information and UDD File

Malware Analysis Tutorial 13: Tracing DLL Entry Point

Malware Analysis Tutorial 14: Retrieve Self-Decoding Key

Malware Analysis Tutorial 15: Injecting Thread into a Running Process

Malware Analysis Tutorial 16: Return Oriented Programming (Return to LIBC) Attack

Malware Analysis Tutorial 17: Infection of System Modules (Part I: Randomly Pick a Driver).

Malware Analysis Tutorial 18: Infecting Driver Files (Part II: Simple Infection)

Malware Analysis Tutorial 19: Anatomy of Infected Driver

Malware Analysis Tutorial 20: Kernel Debugging - Intercepting Driver Loading

Malware Analysis Tutorial 21: Hijacking Disk Driver

Malware Analysis Tutorial 22: IRP Handler and Infected Disk Driver

Malware Analysis Tutorial 23: Tracing Kernel Data Using Data Breakpoints

Malware Analysis Tutorial 24: Tracing Malicious TDI Network Behaviors of Max++ 

Malware Analysis Tutorial 25: Deferred Procedure Call (DPC) and TCP Connection

Malware Analysis Tutorial 26: Rootkit Configuration

Malware Analysis Tutorial 27: Stealthy Loading of Malicious Driver 

Malware Analysis Tutorial 28: Break Max++ Rootkit Hidden Drive Protection

Malware Analysis Tutorial 29: Stealthy Library Loading II (Using Self-Modifying APC)

Malware Analysis Tutorial 30: Self-Overwriting COM Loading for Remote Loading DLL

Malware Analysis Tutorial 31: Exposing Hidden Control Flow

Malware Analysis Tutorial 32: Exploration of Botnet Client

Malware Analysis Tutorial 33: Evaluation of Automated Malware Analysis System I (Anubis) 

Malware Analysis Tutorial 34: Evaluation of Automated Malware Analysis Tools CWSandBox, PeID, and Other Unpacking Tools

Author: Dr. Xiang Fu

Regards