![]() 2.01 is EVIL just misses functions found in v. 2012)Ĭh 1b: Fake FBI warning tricks man into surrendering himself for possession of child pornĬh 2a: VirusTotal - Free Online Virus, Malware and URL ScannerĬh 2c: Peering Inside the PE: A Tour of the Win32 Portable Executable File FormatĬh 2d: Dependency Walker (depends.exe) Home PageĬh 2h: UPX: the Ultimate Packer for eXecutables - Download Ch 2i: BinText 3.03 McAfee Free ToolsĬh 3f: 3 Free Tools to Fake DNS Responses for Malware AnalysisĬh 7d: assembly - The point of test eax eaxĬh 7e: CurrentControlSetServices Subkey EntriesĬh 7f: Globally unique identifier - WikipediaĬh 7h: assembly - What is the 'FS''GS' register intended for?Ĭh 7j: Ring (computer security) - WikipediaĬh 8a: Exploit Development for Mere Mortals Joe McCray - YouTubeĬh 8c: Enabling Postmortem Debugging - Windows 10 hardware devĬh 8d: Using Windows Event Viewer to debug crashesĬh 8e: LiveKd for Virtual Machine DebuggingĬh 9b: OllyDbg v. If you want to use other formats, you may findĬhapter Links Ch 1a: Breach clean-up cost LinkedIn nearly $1 million, another $2-3 million in upgrades (Aug. ġ0: Kernel Debugging with WinDbg (Updated for 2019)ġ4: Malware-Focused Network Signatures KEYĪnti-Reverse-Engineering 15: Anti-Disassembly KEYĬlick a lecture name to see it on SlideShare.ħ: Analyzing Malicious Windows Programs.Ħ: Recognizing C Code Constructs in Assembly.Ģ: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis.Note: Chapter Numbers are one too high in the E-BookĬhapter 0 is mislabelled as Chapter 1, etc.Ģ: Malware Analysis in Virtual Machines &Ħ: Recognizing C Code Constructs in Assemblyįinal Exam available online throughout the week.Ġ: Malware Analysis Primer & 1: Basic Static Techniques ![]() Non-CCSF students don't have a Discussion Board inĬanvas, but are encouraged to join Twitter and engageįor class-related questions, please send messages inside Canvas or (may be revised) Listed in the schedule with Discussion assignmentįor the topics and requirements, see the Discussion If you take the quiz twice, the higher score counts.ĬCSF students should take quizzes in the CCSFĮach CCSF student must contribute to the Discussion ![]() Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. You will need to study the textbook chapterīefore the lecture covering it, and take the quiz before that class.Įach quiz is due 30 min. However, you may not ask other people to help you during the quizzes. The quizzes are multiple-choice, online, and open-book. "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software", by Michael Sikorski and Andrew Honig ISBN-10: 1593272901 Recognize comTue packers and how to unpack them.Understand anti-reverse-engineering techniques that impede the use of disassemblers, debuggers, and virtual machines.Explain malware behavior, including launching, encoding, and network signatures.Perform advanced dynamic analysis with a debugger.Perform advanced static analysis with IDA Pro.Perform basic dynamic analysis with a sandbox. ![]() Perform basic static analysis with antivirus scanning and strings.Describe types of malware, including rootkits, Trojans, and viruses.Upon successful completion of this course, the student will be Learn how to analyze malware, including computer viruses, trojans, and rootkits, using disassemblers, debuggers, static and dynamic analysis, using IDA Pro, OllyDbg and other tools.Īdvisory: CS 110A or equivalent familiarity with programming Enter the book's title the "Find a Solution." field.CNIT 126: Practical Malware Analysis - Sam BowneĬNIT 126: Practical Malware Analysis Fall 2022 Sam Bowne
0 Comments
Leave a Reply. |