Reversing & malware analysis training part 1 lab setup guide
Download as PPTX, PDF17 likes28,724 views
The document provides a disclaimer regarding the content and source code related to reverse engineering and malware analysis training offered by SecurityXploded, specifying that it is presented 'as is' without warranty. It acknowledges the contributions of the trainers and communities, outlines the training program's focus on essential tools and techniques, and lists various tools used for virtualization, development, and reverse engineering. The document serves as a guide for participants in the training course, detailing resources and tools relevant for effective analysis.
Reversing & malware analysis training part 1 lab setup guide
- 2. Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions of any kind. Also the views/ideas/knowledge expressed here are solely of the trainer’s only and nothing to do with the company or the organization in which the trainer is currently working. However in no circumstances neither the trainer nor SecurityXploded is responsible for any damage or loss caused due to use or misuse of the information presented here. www.SecurityXploded.com
- 3. Acknowledgement Special thanks to null & Garage4Hackers community for their extended support and cooperation. Thanks to all the trainers who have devoted their precious time and countless hours to make it happen. www.SecurityXploded.com
- 4. Reversing & Malware Analysis Training This presentation is part of our Reverse Engineering & Malware Analysis Training program. Currently it is delivered only during our local meet for FREE of cost. For complete details of this course, visit our Security Training page. www.SecurityXploded.com
- 5. Who am I #1 Amit Malik (sometimes DouBle_Zer0,DZZ) Member SecurityXploded & Garage4Hackers Security Researcher RE, Exploit Analysis/Development, Malware Analysis Email: [email protected] www.SecurityXploded.com
- 6. Who am I #2 Swapnil Pathak Member SecurityXploded Security Researcher RE, Malware Analysis, Network Security Email: [email protected] www.SecurityXploded.com
- 7. Introduction This Guide is specific to our course Although it will cover most of the tools and techniques for an analysis environment Our main focus is on the famous tools www.SecurityXploded.com
- 8. Virtualization Run multiple OS on the single hardware at the same time. Advanced functionalities like Snapshot, Revert Back, pause etc. Automation Controlled environment www.SecurityXploded.com
- 9. Virtualization Tools VmWare (Commercial) VirtualBox (Open Source – free) Images – XpSp2, XpSp3 www.SecurityXploded.com
- 10. VmWare Image www.SecurityXploded.com
- 11. VirtualBox Image www.SecurityXploded.com
- 12. Tools Development Compiler/IDE Dev C++ (Free) - preferred Microsoft Visual C++ (Commercial) Assemblers MASM (Free) -preferred NASM (Free) Winasm (IDE) (Free) Interpreters Python (Free) www.SecurityXploded.com
- 13. Tools Reverse Engg. Disassembler: IDA Pro (Download free version) Debuggers Ollydbg Immunity Debugger Windbg Pydbg (optional) www.SecurityXploded.com
- 14. Tools Reverse Engg. Cont. PE file Format PEview, PEbrowse, LordPE, ImpRec, Peid, ExeScan Process Related ProcMon, Process explorer Network Related Wireshark, TcpDump, Tshark, TCPView File, Registry Related Regshot, filemon, InstallwatchPro, CaptureBat www.SecurityXploded.com
- 15. Tools Reverse Engg. Cont. Misc. CFFExplorer, Notepad++, Dependency Walker, Sysinternal tools If something additional is required then we will cover that in the respective lecture www.SecurityXploded.com
- 16. Reference Complete Reference Guide for Reversing & Malware Analysis Training www.SecurityXploded.com