Malware Analysis Professional (MAP) is an online, self-paced training course that teaches students the knowledge and skills necessary to dissect malicious software in order to understand its mechanics and purpose.
In this course, you will be able to:
Work with realistic malware samples created to prepare you for real-world samples
Analyze real-world samples: ransomware, botnets, RATs, etc.
Explore an entire module dedicated to x64 assembly
Dive into the TLS method
Understand how malware uses Windows APIs to carry out its malicious activity
Debug samples using different debuggers
MAP provides a holistic approach to dissecting malware. You will also learn more about Reverse Engineering and add an additional skill to your arsenal, allowing you to dissect a product to understand its blueprint, how it was made, and:
Understand and bypass Anti-Reversing techniques
Learn about IA-32 CPU Architecture
Perform full manual unpacking on packed executables
Learn different methods to locate the important algorithms
MAP is a self-paced course that comes with 36 labs so you can develop your knowledge and test your skills through hands-on dissection and analysis of malicious software. In the Reverse Engineering portion of MAP, there are 10 downloadable, offline labs (executables) that provide practical reverse engineering experience. Additionally, this content comes with videos that provide step-by-step guidelines, providing an in-depth explanation of every technique.
Course material
Over 8 hours of HQ video training material
~1800+ Interactive slides across 21 modules
36 hands-on malware analysis and reverse engineering challenge labs, with over 800 pages of lab manuals.
PREREQUISITES
Basic knowledge and understanding of:
Networking and Network Protocols: TCP, UDP, ARP, ICMP, etc.
Operating Systems and Computer Architecture Concepts
Programming Languages: x86 Assembly, C, C++, and Python
Information Security: Cyber Attacks, Malicious Content, Exploitation, Shellcodes and Digital Forensic Investigations
WHO SHOULD TAKE THIS COURSE?
The target audience for this course is:
Incident Responders
Digital Forensic Examiners
Malware Analysts
Penetration Testers who want to adapt Malware methods for their PT
Reverse Engineers with 0 – 2 yrs of experience
Cybersecurity Researchers and Students
ORGANIZATION OF CONTENTS
The student is provided with a suggested learning path to ensure the maximum success rate with the minimum effort.
SECTION 1: MALWARE ANALYSIS
Module 1: Introduction to Malware Analysis
Module 2: Static Analysis Techniques
Module 3: Assembly Crash Course
Module 4: Behavior Analysis
Module 5: Debugging and Disassembly Techniques
Module 6: Obfuscation Techniques
SECTION 2: REVERSE ENGINEERING
Module 1: The Necessary Theory: Part 1
Module 2: The Necessary Theory: Part 2
Module 3: The Necessary Theory: Part 3
Module 4: VA/RVA/OFFSET & PE File Format
Module 5: String References & Basic Patching
Module 6: Exploring the Stack
Module 7: Algorithm Reversing
Module 8: Windows Registry Manipulation
Module 9: File Manipulation
Module 10: Anti-Reversing: Part 1
Module 11: Anti-Reversing: Part 2
Module 12: Anti-Reversing: Part 3
Module 13: Code Obfuscation
Module 14: Analyzing Packers & Manual Unpacking
Module 15: Debugging Multi-Thread Applications
HERA LABS
The MAP course is a practice-based curriculum. Being integrated with Hera Lab, the most sophisticated virtual lab in IT Security, it offers an unmatched practical learning experience. Hera is the only virtual lab that provides fully isolated per-student access to each of the real-world scenarios available on the platform. Students can access Hera Lab from anywhere through VPN.
Modules will be accompanied by 26 hands-on malware analysis labs, with an additional 10 Win32 applications to reverse engineer.
SECTION 1 MALWARE ANALYSIS LABS
MODULE 1 LABS
Lab 1: Evidence Acquisition using KAPE
MODULE 2 LABS
Lab 2: File Identification
Lab 3: Analyzing PE File Structures
Lab 4: Packed Malware Identification And Basic Analysis
Lab 5: From IOCs to YARA Rules
MODULE 3 LABS
Lab 6: Writing and Debugging Assembly x64 Code
MODULE 4 LABS
Lab 7: Working with Windows Processes
Lab 8: Analyzing a Custom Downloader
Lab 9: Working with DLLs and DLL Injection
Lab 10: Dynamically Analyzing a Custom Backdoor
Lab 11: Dynamically Analyzing a KeyLogger
MODULE 5 LABS
Lab 12: Reverse Engineering a 64-bit Downloader Using x64dbg
Lab 13: Debugging a 64-bit Downloader Using x64dbg
Lab 14: Debugging a 64-bit Dropper
Lab 15: Reverse Engineering a Keylogger using IDA Pro
Lab 16: Reverse Engineering a Bot Using IDA Pro
Lab 17: Analyzing the WannaCry Ransomware
Lab 18: Reverse Engineering a Custom Backdoor using IDA Pro (64-bit)