You need to learn how to program to advance your malware analysis skills, but don’t know where to start. This post will outline what aspects you should focus on to have a direct and immediate impact on your ability to reverse engineer malware so that you don’t waste time on concepts with very little return […]
Learning to program is a necessary requirement to advance your malware analysis skills, but there are dozens of languages and it’s hard to know where to start. This post will detail the fundamental programming languages you should focus on along with the reasons why so you can start your malware reverse engineering education.
NOTE: This article may be updated as new resources are identified. Reverse engineering is a broad field with many niche specialities. There’s a lot of information out there to help you get started, but it is often hard to find. This article will provide a list of resources you can use to help build your malware analysis […]
Today, we will review the primary approaches to malware analysis. Each approach is discussed and compared to the others to understand when you should use each method and why. We will show why the deep-dive analysis approach is generally the best choice and spend most of our time discussing this methodology. You […]
These settings are current for Ghidra version 9.2.2. Ghidra is a free, open-source disassembler that allows you to inspect binaries at the assembly level to determine functionality. A disassembler is an essential tool in any malware reverse engineer’s toolbox. IDA Pro is the industry-standard disassembler, but it is very expensive, which makes it infeasible […]
Reverse engineering (RE) malware requires a special lab to ensure your production environment doesn’t get infected. This can be accomplished by having dedicated computers on an air-gapped network, or more commonly through the use of virtual machines (VMs). We will discuss how to set up a dedicated malware analysis lab using virtual machines and all […]