IDA Pro 3 Hours Primer
What you'll learn
- Manually unpack UPX, visualise unpacking routine, reconstruct and verify import tables
- Analyse self-modifying code, patch and re-assemble routines
- Analyse a user-mode rootkit that hides processes and Windows services
- Analyse layers of obfuscations of Torlocker ransomware
- Solve crackmes
- Analyse 64-bit code: compiler optimisations, calling conventions, passing parameters and floating point numbers representation.
- There are no pre-requisites for this class other that a Windows virtual machine and the will to learn.
- All the tools used here are freely available online.
- Malware samples and scripts/programs presented are attached as resource.
This course is logically designed to guide you through some of the complicated parts of static and dynamic analysis of malware, with IDA Pro. Instead of just introducing IDA features in a simple narrative way, we will work through interesting real world examples and samples. This way, each feature, tip or trick discussed will be put into context for easier learning. We will mainly cover IDA Pro for Windows and occasionally Linux, and introduce additional tools as well, like decompiler plugins, scripts and packers.
The course is very practical, focused on examples that can be done straight away. There are no pre-requisites for this class other that a Windows virtual machine and the will to learn. All the tools discussed are freely available online.
Neither professional programming experience nor assembly language knowledge are required to benefit from the course, although basic knowledge of both would be very helpful. The concepts will be explained clearly and concisely and additional resources are always available.
To get the most out of this course, we recommended doing all the exercises. You can post any queries or questions in the course Q&A section, and I will be more than happy to help.
Who this course is for:
- Security testers
- Malware analysts
- Forensics investigators
- System administrators
- Information security students
- Anyone interested in information security in general and reverse engineering in particular
Hello and welcome everyone. My name is Cristina. I am a trainer and coach with a strong background in Software Security. For the past 10 years I’ve been working in software industry where security is a topic on a daily basis. I am very happy that you decided to join my courses! Thank you