Never Ending Security

It starts all here

Opensecuritytraining.info – Malware Dynamic Analysis

A complete overview of the training can be seen at:
http://opensecuritytraining.info/MalwareDynamicAnalysis.html

PDF documents from the training can be downloaded here:
http://opensecuritytraining.info/MalwareDynamicAnalysis_files/MalwareDynamicAnalysis_PDFslides_201403_1.zip

ODF documents from the training can be downloaded here:
http://opensecuritytraining.info/MalwareDynamicAnalysis_files/MalwareDynamicAnalysis_ODFslides_201403_1.zip

Videos can be watched/downloaded here:

  • Day 1 Part 1 : Introduction (8:10)
  • Day 1 Part 2 : Background: VirtualBox (5:56)
  • Day 1 Part 3 : Background: PE files & Packers (17:00)
  • Day 1 Part 4 : Background: File Identification (15:44)
  • Day 1 Part 5 : Background: Windows Libraries (4:27)
  • Day 1 Part 6 : Background: Windows Processes (35:16)
  • Day 1 Part 7 : Background: Windows Registry (18:07)
  • Day 1 Part 8 : Background: Windows Services (25:52)
  • Day 1 Part 9 : Background: Networking Refresher (27:38)
  • Day 1 Part 10 : Isolated Malware Lab Setup (26:47)
  • Day 1 Part 11 : Malware Terminology (6:50)
  • Day 1 Part 12 : Playing with Malware: Poison Ivy RAT (30:54)
  • Day 1 Part 13 : Behavioral Analysis Overview (5:30)
  • Day 1 Part 14 : Persistence Overview (9:06)
  • Day 1 Part 15 : Persistence Lab: Using Autoruns.exe to View Persistence (6:54)
  • Day 1 Part 16 : Persistence Lab: Viewing “Image File Execution Options” registry (6:40)
  • Day 1 Part 17 : Persistence Lab: Viewing Filesystem Persistence (3:06)
  • Day 1 Part 18 : Persistence Lab: Using Autoruns to Analyze IMworm’s Persistence (9:07)
  • Day 2 Part 1 : Day 1 Review (3:16)
  • Day 2 Part 2 : Persistence Lab: Using Regshot to Analyze IMworm’s Persistence (8:00)
  • Day 2 Part 3 : Persistence Lab: Using Autoruns to Analyze Hydraq’s Persistence (10:19)
  • Day 2 Part 4 : Persistence Lab: Using Regshot to Analyze Hydraq’s Persistence (10:49)
  • Day 2 Part 5 : Maneuvering Overview (2:30)
  • Day 2 Part 6 : Maneuvering: Code Injection Overview (11:46)
  • Day 2 Part 7 : Maneuvering: Lab: Using Regshot to analyze Parite (10:06)
  • Day 2 Part 8 : Background: Windows APIs (21:42)
  • Day 2 Part 9 : Maneuvering: Lab: Using WinAPIOverride to analyze Onlinegames 1 (30:51)
  • Day 2 Part 10 : Maneuvering: Lab: Using WinAPIOverride to analyze Onlinegames 2 (21:05)
  • Day 2 Part 11 : Maneuvering: DLL Search Path Hijacking & Asynchronous Procedure Call (APC) Overview (8:19)
  • Day 2 Part 12 : Maneuvering: Lab: Checking “Known_Dlls” (3:17)
  • Day 2 Part 13 : Maneuvering: Lab: Using ProcessMonitor to Analyze Nitol (18:23)
  • Day 2 Part 14 : Maneuvering: IAT/EAT/Inline Hooking Overview (13:33)
  • Day 2 Part 15 : Malware Functionality Overview (1:55)
  • Day 2 Part 16 : Malware Functionality: Keylogging Overview (3:05)
  • Day 2 Part 17 : Malware Functionality: Analyzing Magania’s Use of SetWindowsHookEx with Rohitab API Monitor (17:33)
  • Day 2 Part 18 : Malware Functionality: Backdoors Overview (2:56)
  • Day 2 Part 19 : Malware Functionality: Backdoors Lab: StickyKeys (1:08)
  • Day 2 Part 20 : Malware Functionality: Phone Home / Beaconing: Lab: Using INetSim to Capture DarkShell’s Beaconing (15:16)

Videos are also available on YouTube.
