Course info
Level: Advanced
Updated: Jan 24, 2020
Duration: 1h 53m

Description

Anti-reverse engineering and anti-debugging techniques are often leveraged by malware authors to disrupt or prevent detailed analysis, helping them to avoid detection by even the most advanced security products. These efforts increase the odds that they will be successful in attacking an organization and can allow them to stay hidden within an organization for prolonged periods of time. In this course, Defeating Anti-reverse Engineering and Anti-debugging Techniques, you will gain the skills necessary to not only identify prevalent anti-analysis techniques, but also how to defeat them. First, you will gain insight into why malware authors employ such anti-analysis techniques and gain a deeper understanding of where to expect them. Next, you will dig deep into anti-analysis techniques used to disrupt both your static and dynamic analysis activities. You will get hands-on with identifying anti-disassembly techniques, control-flow obfuscation and hiding string and API calls. Then, you will learn how malware authors trick your debugger, employ code hiding techniques such as process hollowing and how they leverage shellcode to complicate analysis. Finally, you will explore techniques used to detect the presence of a sandbox, which leads to incomplete or inaccurate results and can throw off your analysis. Each module of this course will include in-depth demonstrations and hands-on labs utilizing real-world malware. By the end of this course, you will have the knowledge and skills to defeat anti-reversing and anti-debugging techniques used by the most sophisticated malware authors.

About the author

Dr. Josh Stroschein is an Assistant Professor at Dakota State University where he teaches malware analysis, software exploitation, reverse engineering, and penetration testing. Josh also works as a malware analyst for Bromium, an end-point security company and is the Director of Training for the Open Information Security Foundation (OISF).

Section Introduction Transcripts

Course Overview
[Autogenerated] Hi, everyone. My name is Dr. Josh Stroschein, and welcome to my course, Defeating Anti-reverse Engineering and Anti-debugging Techniques. I am an experienced malware analyst and reverse engineer with a passion for sharing knowledge with others. I am currently the Director of Training for the Open Information Security Foundation, where I lead all training activity for the foundation, as well as being responsible for academic outreach and developing research initiatives. I'm an accomplished trainer, providing training in malware analysis, reverse engineering, and threat hunting at Black Hat, DerbyCon, ToorCon, Hack in the Box, Sir Khan, and other public and private venues. I am also an Assistant Professor of cybersecurity at Dakota State University and a threat researcher for Bromium, HP. In this course, we're going to get hands-on with anti-reverse engineering and anti-debugging techniques. These techniques are often used by malware authors to disrupt or prevent detailed analysis, helping them to avoid detection by even the most advanced security products. Identifying and defeating these techniques is often the first step in analyzing any malicious file. Some of the major topics that we'll cover include how anti-reverse engineering and anti-debugging affect your analysis, how to identify these techniques when analyzing malware, developing strategies for defeating or minimizing these techniques, and adding stealth to your malware sandbox or other lab environments. By the end of this course, you will have the knowledge and skills to defeat anti-reverse engineering and anti-debugging techniques used by the most sophisticated malware authors. Before beginning the course, you should be familiar with the basics of reverse engineering and be comfortable with tools such as a disassembler and an assembly-level. The ______. I hope you'll join me on this journey to
level up your malware analysis skills with my course, Defeating Anti-reverse Engineering and Anti-debugging Techniques, at Pluralsight.