Resources For Learning Malware Analysis

NOTE: This article may be updated as new resources are identified. Reverse engineering is a broad field with many niche specialities. There's a lot of information out there to help you get started, but it is often hard to find. This article will provide a list of resources you can use to help build your malware analysis […]

The Deep Dive Malware Analysis Approach

Today, we will review the primary approaches to malware analysis. Each approach is discussed and compared to the others to understand when you should use each method and why. We will show why the deep dive analysis approach is generally the most effective and spend most of our time discussing this methodology. You […]

Helpful Configurations For Ghidra

These settings are current for Ghidra version 9.2.2. Ghidra is a free, open source disassembler that allows you to inspect binaries at the assembly level to determine functionality. A disassembler is an essential tool in any malware reverse engineer's toolbox. IDA Pro is the industry standard disassembler, but it is very expensive, which makes it infeasible […]

How To Build A Malware Analysis Lab

Reverse Engineering (RE) malware requires a special lab to ensure your production environment doesn't get infected. This can be accomplished by having dedicated computers on an air-gapped network, or more commonly through the use of virtual machines (VMs). We will discuss how to set up a dedicated malware analysis lab using virtual machines and all […]