PaulDotCom mailing list archives
Re: Reverse engineering or Malware analysis.
From: Michael Yemane <miketyhs () gmail com>
Date: Thu, 25 Apr 2013 16:53:26 -0400
+1 to 'Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code' and 'Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software'.

Some good blogs/sites to help you get started:
SecurityTube
http://reddit.com/r/ReverseEngineering
http://blog.zeltser.com/
https://www.corelan.be/
http://0xdabbad00.com/
http://contagiodump.blogspot.com/
http://forum.tuts4you.com/
https://www.mandiant.com/blog/

Tools you'll need:
- VMware or VirtualBox

For static analysis:
HashCalc, TrID - File Identifier, PEview, PEiD, BinText, Dependency Walker, Heap Inspector, Unix Strings, IDA, OllyDBG

For dynamic analysis:
RegShot, InCtrl5, RegMon, ProcMon, FileMon, NetCat, BinText, LordPE, Wireshark, FakeDNS, FakeNet, Multipot, APIMonitor, SysAnalyzer, MCaptureBAT, Memoryze, HBGary Fast Dump, Volatility

Automated malware analysis:
Cuckoo Sandbox (if you still have the energy and want to impress your colleagues and upper mgmt, integrate it with Maltego via CuckooForCanari)

Good luck,
Mike Y

P.S. I know some of the tools are a little dated, I just copied/pasted from a doc I put together a while back.
On 4/25/13 6:43 AM, Jason Long wrote:
> Hello Folks.
> Can you offer me some information about Malware analysis? How can I do it? Can you show me a book in this field?
> Cheers.
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com