Reverse Engineering Malware


In this series, we will examine how to reverse engineer malware. Like so many skills in information security, these skills can be used by both Black and White Hats. White Hats use to it understand how the malware works to defeat it and to assign attribution; the Black Hats use it to reverse engineer a known piece of malware to give it additional capabilities and avoid detection. Whatever you do, this is a very high-level skill-set that is great demand within our industry. It is probably the highest paid sub-discipline within information security.

I will attempt walk you slowly through the knowledge base and skill sets you will need to reverse malware. These include a basic knowledge of assembler and C, how to use such tools as IDA Pro, Immunity and Ollydbg, basics of Windows and Linux operating system structure and function and then finally, how to edit to code to add functionality and stealth.

Why You Should Study Reverse Engineering of Malware

Vault 7 Reveals that Even the CIA Reverse Engineers Malware to Re-Use Code

Reverse Engineering Malware, Part 1: Getting Started

Reverse Engineering Malware, Part 2: Assembler Basics

Reverse Engineering Malware, Part 3: IDA Pro Introduction

Reverse Engineering Malware, Part 4: Windows Internals

Reverse Engineering Malware, Part 5: OllyDBG Basics

Reverse Engineering Malware, Part 6: System-Level Analysis

Reverse Engineering Malware: Getting Started with Ghidra, Part 1

Reverse Engineering Malware: Getting Started with Ghidra, Part 2

Why Reverse Engineering
Assembler Basics