Thursday, February 23, 2012

URLs to Learn Malware Analysis, RCE

The following links are useful for learning malware analysis, Reverse Code Engineering (RCE), etc.

http://forum.tuts4you.com/index.php
http://www.woodmann.com/TiGa/idaseries.html
http://www.openrce.org/articles/
http://www.kernelmode.info/forum/index.php
http://crackmes.de/

Debugging Book
http://advancedwindowsdebugging.com/portal/portal_downloads.htm


Step 1: Learn C/C++/Delphi etc. You can't reverse engineer if you can't forward engineer.
Step 2: Learn x86 assembly - http://opensecuritytraining.info/IntroX86.html (includes videos)
Step 3: Learn x86 architecture - http://opensecuritytraining.info/IntermediateX86.html (includes videos)
Step 4: Learn PE binary format - http://opensecuritytraining.info/LifeOfBinaries.html (includes videos)
Step 5: Learn about IDA & general RE thought process - http://opensecuritytraining.info/IntroductionToReverseEngineering.html (video pending)
Step 6: Learn about some stealth malware techniques - http://opensecuritytraining.info/Rootkits.html (includes videos)
Step 7: Learn more by encouraging other people to submit their own class material - http://opensecuritytraining.info/Why.html
http://opensecuritytraining.info/Training.html

Check it out: http://www.accessroot.com/arteam/site/news.php
More awesome tutorials: http://portal.b-at-s.net/download.php

Some Sites
http://j00ru.vexillium.org/
http://www.analyze-v.com/
http://byteworm.com/
http://blog.zemana.com/2012/05/kaynaklar.html
http://fumalwareanalysis.blogspot.in/p/malware-analysis-tutorials-reverse.html
http://thelegendofrandom.com/blog/sample-page
http://beginners.re/

Live Malware Samples
http://www.offensivecomputing.net/
http://www.malwaredomainlist.com/
http://www.malc0de.org/database
http://www.virussign.com/index.html
http://www.vx.netlux.org/
http://openmalware.org/
http://virusshare.com/
https://twitter.com/MalwareChannel 
http://www.vxheavens.com/
http://malshare.com/
https://avcaesar.malware.lu/
http://www.malwareblacklist.com/showMDL.php
https://malwr.com/
http://secuboxlabs.fr/
http://www.virusign.com/

Other useful sources
http://zeltser.com/combating-malicious-software/malware-sample-sources.html
http://reverseengineering.stackexchange.com/questions/206/where-can-i-as-an-individual-get-malware-samples-to-analyze
http://reverseengineering.stackexchange.com/questions/265/where-to-find-free-training-in-reverse-engineering

Suspicious files can be analyzed at
https://www.virustotal.com/

Malicious PDF Files
http://filex.jeek.org/archive_PDF.zip

Android Malware Samples
http://contagiodump.blogspot.in/
http://www.malgenomeproject.org/

For Mac OS X related resources, refer to
http://darshanams.blogspot.in/2012/05/mac-os-x-infector-and-research.html

Tools
IDA/Olly/WinDBG
ImpREC
LordPE
Sysinternals tool suite
Exeinfo PE / PEiD
PEstudio
CFF Explorer
FileAlyzer
PEview

Let me know of new sites and I will update the list here :-) !!!

3 comments:

  1. Hi

    I read this post two times.

    I like it so much, please try to keep posting.

    Let me introduce other material that may be good for our community.

    Source: Computer programmer interview questions

    Best regards
    Henry

  2. hi cahill.....thanks for the comments n' encouragement!
