Reverse Engineering, Debugging and Malware Analysis - 2021
This course includes:
- 6 hours on-demand video
- 1 article
- 3 downloadable resources
- 1 practice test
- Full lifetime access
- Access on mobile and TV
- Certificate of completion
What you'll learn
- Reverse Engineering
- Malware Analysis
- Debugging
- Analysis Types and Reporting
- Basic Operating System Components
- Memory Types
- File System Types
- R2D2 Malware Analysis
- Cridex Malware Analysis
- Volatility
- Low Level Assembly Debugging
- Windows Registry
- Stack Guard Bypass
- Method Exploitation
- Low Level View
- Software Exploitation
Who this course is for:
- Reverse Engineer
- Malware Analysis
- Low-Level Debugging
Requirements
- Basic Programming Knowledge
Description
Breaking something down and putting it back together is a
process that helps people understand how things were
made.
A person would be able to redo and reproduce an origami by
unfolding it first. Knowing how cars work requires
understanding each major and minor mechanical part and their
purposes. The complex nature of the human anatomy requires
people to understand each and every part of the body. How?
By dissecting it. Reverse engineering is a way for us to
understand how something was designed, why it is in its
current state, when it triggers, how it works, and what its
purpose is. In effect, the information is used to redesign and
improve it for better performance and cost. It can even help fix defects.
Imagine if the Trojan Horse were thoroughly inspected and
torn down before it was allowed to enter the gates of a
city. This would probably leave a few soldiers dead outside
the gate, fighting for the city. The next time the city is
sent another Trojan Horse, archers would know where to point
their arrows, and there would be no dead soldiers this time. The same is
true for malware analysis—by knowing the behaviors of a
certain malware through reverse engineering, the analyst can
recommend various safeguards for the network. Think of it as
the Trojan Horse being the malware, the analyst being the
soldier who initially inspected the horse, and the city
being the network of computers.
Anyone seeking to become a reverse engineer or an analyst
should be resourceful. Searching the
internet is part of reverse engineering. An analyst would
not simply rely on the tools and information we provide in
this Udemy course. There are instances where an analysis
would even require reverse engineers to develop their own
tools. Software auditing may require reverse engineering.
Besides high-level code review processes, some software
quality verification also involves implementing reverse
engineering. The aim of these test activities is to ensure
that vulnerabilities are found and fixed. There are a lot of
factors that are not taken into consideration during the
design and development of a piece of software. Most of these
are random input and external factors that may cause leaks,
leading to vulnerabilities. These vulnerabilities may be
used with malicious intent, not only to disrupt the
software, but also to damage and compromise the system
environment it is installed in. System monitoring and
fuzzing tools are commonly used when testing software.
Today's operating systems have better safeguards to protect
against crashes. Operating systems usually report any
discrepancies found, such as memory or file corruption.
Additional information, such as crash dumps, is also
provided in this course. From this information, a reverse
engineer would be able to pinpoint where exactly in the
software they have to inspect.
In the software security industry, one of the core skills
required is reverse engineering. Every attack, usually in
the form of malware, is reversed and analyzed. The first
thing that is usually needed is to clean up the compromised
network and systems. An analyst determines how
the malware installed itself and became persistent. Then,
they develop steps for uninstalling the malware. In the
anti-malware phase, these steps are used to develop the
clean-up routine, once the anti-malware product is able to
detect that the system has been compromised. The analysis
provides information about how the malware was able to
compromise the system. With this information, network
administrators are able to impose policies to mitigate the
attack. If the malware was able to enter the system because
a user opened an email attachment that contains
JavaScript code, the network administrator would block
emails that contain a JavaScript attachment.