Malicious documents have become a form of malware that all incident responders need to be able to analyze. This course will teach you how to analyze malicious Adobe PDF and Microsoft Office documents, along with any malicious scripts they contain.
Hiding malware within documents has become one the main methods attackers use to compromise systems. In this course, Performing Malware Analysis on Malicious Documents, you will learn how to look at documents to determine if they contain malware, and if so, what that malware does. First, you will explore how to analyze malicious Adobe PDF and Microsoft Office documents. Next, you will discover how attackers obfuscate scripts within malicious documents, and how you can defeat that obfuscation to determine the script’s purpose. Finally, you will dive into the tools required to perform this analysis safely and quickly. When you’re finished with this course, you will have the skills and knowledge needed to perform malware analysis on malicious documents.
Tyler Hudak has more than 15 years of experience performing malware analysis, computer forensics, and incident response for multiple organizations. He loves sharing the knowledge he has gained on these topics in his presentations and classes!
Course Overview Hi everyone. My name is Tyler Hudak, and welcome to my course, Performing Malware Analysis on Malicious Documents. I'm an incident responder that has a passion for analyzing malware in all its forms and have taught how to perform malware analysis for a number of years to hundreds of people. The number one topic I get requested to teach is analyzing malicious documents and with good reason. Documents are one of the primary ways attackers compromise systems with malware. In this course, we're going to learn how to analyze malicious documents to determine what they are doing to compromise a system. Some of the major topics that we'll cover include how to examine Adobe PDF and Microsoft Office documents, ways to get around malicious script obfuscation techniques, and the tools and techniques you can use to speed up your analysis. By the end of this course, you'll know how to safely determine if a document is malicious and how to figure out what it does to compromise a system. Before beginning the course, you should be familiar with basic malware analysis methodologies as taught in the Malware Analysis Fundamentals Pluralsight course. I hope you'll join me on this journey to learn how to analyze malicious documents with the Performing Malware Analysis on Malicious Documents course, at Pluralsight.