Advanced Malware Analysis (CS-AMA)
Analyzing malicious programs such as bots, worms, viruses and trojans is considered vital in forensic science. These essential techniques are used to examine malware with various monitoring tools, debuggers and disassemblers. Cipher Storm has designed this training course to help security professionals apply analysis skills and take immediate action in the event of a security breach to detect and identify the specific malware type. During the course, candidates will learn behavioral analysis, static code analysis and reverse-engineering techniques, which will expose them to a wide range of assessment criteria. Each subject will be taught with relevant examples to give a better understanding of the malware analysis process. Our qualified instructor will demonstrate the setup of an inexpensive and flexible laboratory. Candidates will also benefit from an advanced knowledge base in the examination of an application's behavioral patterns and assembly code. This set of analysis techniques is not limited to analyzing code obfuscation mechanisms and browser-based malware; it also covers essential aspects of reverse engineering.
The Cipher Storm advanced malware analysis (CS-AMA) course will demonstrate the use of the following tools:
- BinText, VMware, SpiderMonkey
- System Monitor, Process Explorer, Regshot
- IDA Pro, OllyDbg, OllyDump
- Snort, Netcat, FakeDNS, Honeyd
- Malzilla, Rhino, FireBug
Benefits
- Hands-on exercises with advanced malware analysis tools and techniques.
- Instant identification and analysis of viruses, worms, bots, trojans and other relevant threats.
- Monitor active malware to evaluate preventive measures, disinfection and the containment process.
- Learn to reverse engineer the malware using dynamic and static code analysis techniques.
- Deploy the countermeasures at the edge of your network infrastructure.
- Fill a key role in the incident handling process.
Course Contents
- Prepare the laboratory environment
- Toolkit Introduction
- Static Code Analysis
- Dynamic Code Analysis
- Reverse Engineering Protected Executables
- Intercept Network Communications
- Patching Compiled Executables
- Examining Shellcode
- Malware Analysis and Code Reversing Concepts
- Identify Assembly Logic Structures
- Identification of PE headers
- Handle DLL interactions and API hooking
- Packer Identification, Unpacking & Decrypting Malware
- Bypass Code Defensive Mechanisms
- Browser-based Malware Analysis
- Legal Issues Regarding Malware Analysis