Identifying the logical structures of x86 assembly

Familiarity with common malware patterns and their characteristics

Performing dynamic code analysis while running suspicious programs

Analyzing the logic of malicious programs from the programmer's point of view

Prerequisites

CEH and CHFI

Course content

Assembling a toolkit for effective malware analysis
Examining static properties of suspicious programs
Performing behavioral analysis of malicious Windows executables
Performing static and dynamic code analysis of malicious Windows executables
Contributing insights to the organization’s larger incident response effort
Core concepts for analyzing malware at the code level
x86 Intel assembly language primer for malware analysts
Identifying key x86 assembly logic structures with a disassembler
Patterns of common malware characteristics at the Windows API level (DLL injection, function hooking, keylogging, communicating over HTTP, etc.)
Recognizing packed malware
Automated malware unpacking tools and approaches
Intercepting network connections in the malware lab
Interacting with malicious websites to examine their nature
Deobfuscating browser scripts using debuggers and runtime interpreters
JavaScript analysis complications
Bypassing anti-analysis defenses
Recovering concealed malicious code and data
Unpacking more sophisticated packers to locate the Original Entry Point
Identifying and disabling methods employed by malware to detect analysts’ tools
Analyzing shellcode to assist with the examination of malicious documents and other artifacts
Analyzing malicious Microsoft Office (Word, Excel, PowerPoint) documents
Analyzing malicious Adobe PDF documents
Analyzing memory to assess malware characteristics and reconstruct infection artifacts
Manual unpacking of malware using OllyDbg, process dumping tools and imports-rebuilding utilities
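To make the static-triage topics in this outline concrete (examining static properties, recognizing packed code, spotting API-level behaviour patterns such as DLL injection and keylogging), here is an added example; it is not course material and not the tool the course uses. The script builds a hypothetical minimal PE file in memory, walks its section table, flags sections whose byte entropy suggests compression or encryption, and maps API-name strings found in the file to behaviour patterns. The sample binary, the API name sets, the "at least two names" rule and the 7.0 bits/byte threshold are assumptions chosen for the illustration.

```python
"""Static triage of a Windows PE: section entropy as a packing heuristic,
plus an API-name string scan mapped to common malware behaviours.
Constructed example; the PE produced by build_sample_pe() is hypothetical."""
import hashlib
import json
import math
import re
import struct

# API names that, seen together, suggest a behaviour (a heuristic, not proof). Assumed sets.
API_PATTERNS = {
    "DLL injection": {"OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"},
    "function hooking": {"SetWindowsHookExA", "SetWindowsHookExW"},
    "keylogging": {"GetAsyncKeyState", "GetKeyState", "GetForegroundWindow"},
    "HTTP communication": {"InternetOpenA", "InternetOpenUrlA", "HttpSendRequestA", "WinHttpOpen"},
}
PACKED_ENTROPY = 7.0  # bits per byte; assumed threshold above which a section looks packed


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty or constant data, 8.0 for uniform)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes):
    """Return [(name, raw_bytes)] using only the DOS header, COFF header and section table."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not a PE: missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE: missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    first_hdr = coff + 20 + opt_size  # section table follows the optional header
    sections = []
    for i in range(num_sections):
        hdr = first_hdr + 40 * i  # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, hdr + 16)  # SizeOfRawData, PointerToRawData
        sections.append((name, pe[raw_ptr:raw_ptr + raw_size]))
    return sections


def triage(pe: bytes) -> dict:
    """Summarize section names, likely-packed sections and behaviour patterns."""
    sections = parse_sections(pe)
    packed = [name for name, data in sections if shannon_entropy(data) > PACKED_ENTROPY]
    # A printable-string scan stands in for an import-table walk; packed samples hide imports.
    strings = {m.decode() for m in re.findall(rb"[A-Za-z0-9_]{6,}", pe)}
    behaviours = {label: sorted(apis & strings)
                  for label, apis in API_PATTERNS.items() if len(apis & strings) >= 2}
    return {"sections": [n for n, _ in sections], "packed_sections": packed, "behaviours": behaviours}


def build_sample_pe() -> bytes:
    """Hypothetical minimal PE32 built in memory: a plain-text section holding API names
    (stand-in for an import table) and a high-entropy section imitating packed code."""
    text = b"\0".join(s.encode() for s in (
        "OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
        "GetAsyncKeyState", "GetForegroundWindow")) + b"\0"
    text = text.ljust(512, b"\0")
    # Deterministic pseudo-random bytes so the example behaves the same on every run.
    packed = b"".join(hashlib.sha256(i.to_bytes(2, "big")).digest() for i in range(64))
    sections = [(b".text", text), (b"UPX1", packed)]
    opt = struct.pack("<H", 0x10B).ljust(0xE0, b"\0")  # PE32 magic, rest zeroed
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    ptr = len(dos) + 4 + len(coff) + len(opt) + 40 * len(sections)
    hdrs, body = b"", b""
    for name, data in sections:
        hdrs += name.ljust(8, b"\0") + struct.pack("<IIIIIIHHI", len(data), 0x1000, len(data),
                                                   ptr, 0, 0, 0, 0, 0x60000020)
        ptr += len(data)
        body += data
    return dos + b"PE\0\0" + coff + opt + hdrs + body


if __name__ == "__main__":
    print(json.dumps(triage(build_sample_pe()), indent=2))
```

On a real sample, replace build_sample_pe() with the bytes of the file under analysis. The entropy check only says a section is unlikely to be plain code; confirming a packer and locating the original entry point still needs the debugger-based unpacking the outline covers, and the string scan will miss APIs that are resolved at runtime or stored encoded, which is exactly where behavioural analysis takes over.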