

You will learn how to set up a flexible laboratory to examine the inner workings of malicious software, and how to use the lab to uncover characteristics of real-world malware samples. You will also learn how to redirect and intercept network traffic in the lab to explore the specimen's capabilities by interacting with the malicious program.

The course begins by establishing the foundation for analyzing malware in a way that dramatically expands upon the findings of automated analysis tools. The course continues by discussing essential assembly language concepts relevant to reverse engineering. You will learn to examine malicious code with the help of a disassembler and a debugger in order to understand its key components and execution flow. In addition, you will learn to identify common malware characteristics by looking at suspicious Windows API patterns employed by malicious programs.

Next, you will dive into the world of malware that thrives in the web ecosystem, exploring methods for assessing suspicious websites and de-obfuscating malicious JavaScript to understand the nature of the attack. You will also learn how to analyze malicious Microsoft Office, RTF, and PDF files. Such documents act as a common infection vector as part of both mainstream and targeted attacks. You will also learn how to examine "file-less" malware and malicious PowerShell scripts.
