FOR710 Reverse-Engineering Malware Advanced Code Analysis (VOD, PDF, USB)

Original price was: $49.00.Current price is: $19.00.

Price: 5.00 USD | Size: 17.0 GB | Duration : 40+ Hours | VOD, PDF, USB| ⭐️⭐️⭐️⭐️⭐️ 4.9



Price: 5.00 USD | Size: 17.0 GB | Duration : 40+ Hours | VOD, PDF, USB| ⭐️⭐️⭐️⭐️⭐️ 4.9



FOR710 Reverse-Engineering Malware Advanced Code Analysis (VOD, PDF, USB)


What You Will Learn

As defenders hone their analysis skills and automated malware detection capabilities improve, malware authors have worked harder to achieve execution within the enterprise. The result is malware that is more modular with multiple layers of obfuscated code that executes in-memory to reduce the likelihood of detection and hinder analysis. Malware analysts must be prepared to tackle these advanced capabilities and use automation whenever possible to handle the volume, variety and complexity of the steady stream of malware targeting the enterprise.

FOR710: Advanced Code Analysis continues where FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques course leaves off, helping students who have already attained intermediate-level malware analysis capabilities take their reversing skills to the next level. Authored by SANS Certified Instructor Anuj Soni, this course prepares malware specialists to dissect sophisticated Windows executables, such as those that dominate the headlines and preoccupy incident response teams across the globe.

Developing deep reverse-engineering skills requires consistent practice. This course not only includes the necessary background and instructor-led walk throughs, but also provides students with numerous opportunities to tackle real-world reverse engineering scenarios during class.

FOR710 Advanced Code Analysis Will Prepare You To:

  • Tackle code obfuscation techniques that hinder static code analysis, including the use of steganography.
  • Identify the key components of program execution to analyze multi-stage malware in memory.
  • Locate and extract deob fuscated shellcode during program execution.
  • Develop comfort with non-executable file formats during malware analysis.
  • Probe the structures and fields associated with a PE header.
  • Use WinDBG Preview for debugging and assessing key process data structures in memory.
  • Identify encryption algorithms in ransomware used for file encryption and key protection.
  • Recognize Windows APIs that facilitate encryption and articulate their purpose.
  • Investigate data obfuscation in malware, pinpoint algorithm implementations, and decode underlying content.
  • Create Python scripts to automate data extraction and decryption.
  • Build rules to identify functionality in malware.
  • Use Dynamic Binary Instrumentation (DBI) frameworks to automate common reverse engineering workflows.
  • Write Python scripts within Ghidra to expedite code analysis.
  • Use Binary Emulation frameworks to simulate code execution.

Course Topics:

  • Code deobfuscation
  • Program execution
  • Shellcode analysis
  • Steganography
  • Multi-stage malware
  • WinDbg Preview
  • Encryption algorithms
  • Data obfuscation
  • Python scripting for malware analysis
  • Dynamic Binary Instrumentation (DBI) Frameworks
  • Binary emulation frameworks
  • Payload and config extraction
  • Scripting with Ghidra
  • YARA rules
  • Yara-python
  • SMDA disassebler


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

You may also like…

    Your Cart
    Your cart is emptyReturn to Shop

    Add to cart