Thursday, February 23, 2012

URLs to Learn Malware Analysis, RCE

The following links are useful for learning malware analysis, reverse code engineering (RCE), etc.

http://forum.tuts4you.com/index.php
http://www.woodmann.com/TiGa/idaseries.html
http://www.openrce.org/articles/
http://www.kernelmode.info/forum/index.php
http://crackmes.de/

Debugging Book
http://advancedwindowsdebugging.com/portal/portal_downloads.htm


Step 1: Learn C/C++/Delphi etc. You can't reverse engineer if you can't forward engineer.
Step 2: Learn x86 assembly - http://opensecuritytraining.info/IntroX86.html (includes videos)
Step 3: Learn x86 architecture - http://opensecuritytraining.info/IntermediateX86.html (includes videos)
Step 4: Learn PE binary format - http://opensecuritytraining.info/LifeOfBinaries.html (includes videos)
Step 5: Learn about IDA & general RE thought process - http://opensecuritytraining.info/IntroductionToReverseEngineering.html (video pending)
Step 6: Learn about some stealth malware techniques - http://opensecuritytraining.info/Rootkits.html (includes videos)
Step 7: Learn more by encouraging other people to submit their own class material - http://opensecuritytraining.info/Why.html
http://opensecuritytraining.info/Training.html

Check it out: http://www.accessroot.com/arteam/site/news.php
More great tutorials: http://portal.b-at-s.net/download.php

Some Sites
http://j00ru.vexillium.org/
http://www.analyze-v.com/
http://byteworm.com/
http://blog.zemana.com/2012/05/kaynaklar.html
http://fumalwareanalysis.blogspot.in/p/malware-analysis-tutorials-reverse.html
http://thelegendofrandom.com/blog/sample-page
http://beginners.re/

Live Malware Samples
http://www.offensivecomputing.net/
http://www.malwaredomainlist.com/
http://www.malc0de.org/database
http://www.virussign.com/index.html
http://www.vx.netlux.org/
http://openmalware.org/
http://virusshare.com/
https://twitter.com/MalwareChannel
http://www.vxheavens.com/
http://malshare.com/
https://avcaesar.malware.lu/
http://www.malwareblacklist.com/showMDL.php
https://malwr.com/
http://secuboxlabs.fr/
http://www.virusign.com/

Other useful sources
http://zeltser.com/combating-malicious-software/malware-sample-sources.html
http://reverseengineering.stackexchange.com/questions/206/where-can-i-as-an-individual-get-malware-samples-to-analyze
http://reverseengineering.stackexchange.com/questions/265/where-to-find-free-training-in-reverse-engineering

Suspicious files can be analyzed at
https://www.virustotal.com/

Malicious PDF Files
http://filex.jeek.org/archive_PDF.zip

Android Malware Samples
http://contagiodump.blogspot.in/
http://www.malgenomeproject.org/

For Mac OS X related resources, refer to
http://darshanams.blogspot.in/2012/05/mac-os-x-infector-and-research.html

Tools
IDA/Olly/WinDBG
ImpREC
LordPE
Sysinternals tool suite
Exeinfo PE / PEiD
PEstudio
CFF Explorer
FileAlyzer
PEview

Let me know of any new sites and I will update this list :-) !!!