Reverse Engineering Malware
In this series, we will examine how to reverse engineer malware. Like so many skills in information security, these skills can be used by both Black and White Hats. White Hats use to it understand how the malware works to defeat it and to assign attribution; the Black Hats use it to reverse engineer a known piece of malware to give it additional capabilities and avoid detection. Whatever you do, this is a very high-level skill-set that is great demand within our industry. It is probably the highest paid sub-discipline within information security.
​
I will attempt walk you slowly through the knowledge base and skill sets you will need to reverse malware. These include a basic knowledge of assembler and C, how to use such tools as IDA Pro, Immunity and Ollydbg, basics of Windows and Linux operating system structure and function and then finally, how to edit to code to add functionality and stealth.
​
Why You Should Study Reverse Engineering of Malware
​
​
​
Vault 7 Reveals that Even the CIA Reverse Engineers Malware to Re-Use Code
​
​
​
Reverse Engineering Malware, Part 1: Getting Started
​
​
​
Reverse Engineering Malware, Part 2: Assembler Basics
​
​
​
Reverse Engineering Malware, Part 3: IDA Pro Introduction
​
​
​
Reverse Engineering Malware, Part 4: Windows Internals
​
​
​
Reverse Engineering Malware, Part 5: OllyDBG Basics
​
​
​
Reverse Engineering Malware, Part 6: System-Level Analysis
​
​
​
Reverse Engineering Malware: Reversing and Disassembly Tools
​
​
​
Reverse Engineering Malware: Getting Started with Ghidra, Part 1
​
​
​
Reverse Engineering Malware: Getting Started with Ghidra, Part 2
​
​
​
Reverse Engineering Malware: Ghidra, Part 3 Analysis of Ransomware (WannaCry)