IDA Pro 3 Hours Primer
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 44100 Hz, 2ch | Size: 2.42 GB
Genre: eLearning Video | Duration: 19 lectures (3 hour, 4 mins) | Language: English
All you need to know about IDA Pro to start reversing like a Malware Analyst
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 44100 Hz, 2ch | Size: 2.42 GB
Genre: eLearning Video | Duration: 19 lectures (3 hour, 4 mins) | Language: English
All you need to know about IDA Pro to start reversing like a Malware Analyst
What you'll learn
Manually unpack UPX, visualise unpacking routine, reconstruct and verify import tables
Analyse self-modifying code, patch and re-assemble routines
Analyse a user-mode rootkit that hides processes and Windows services
Analyse layers of obfuscations of Torlocker ransomware
Solve crackmes
Analyse 64-bit code: compiler optimisations, calling conventions, passing parameters and floating point numbers representation.
Requirements
There are no pre-requisites for this class other that a Windows virtual machine and the will to learn.
All the tools used here are freely available online.
Malware samples and scripts/programs presented are attached as resource.
Description
This course is logically designed to guide you through some of the complicated parts of static and dynamic analysis of malware, with IDA Pro. Instead of just introducing IDA features in a simple narrative way, we will work through interesting real world examples and samples. This way, each feature, tip or trick discussed will be put into context for easier learning. We will mainly cover IDA Pro for Windows and occasionally Linux, and introduce additional tools as well, like decompiler plugins, scripts and packers.
The course is very practical, focused on examples that can be done straight away. There are no pre-requisites for this class other that a Windows virtual machine and the will to learn. All the tools discussed are freely available online.
Neither professional programming experience nor assembly language knowledge are required to benefit from the course, although basic knowledge of both would be very helpful. The concepts will be explained clearly and concisely and additional resources are always available.
To get the most out of this course, we recommended doing all the exercises. You can post any queries or questions in the course Q&A section, and I will be more than happy to help.
Who this course is for:
Security testers
Malware analysts
Forensics investigators
System administrators
Information security students
Anyone interested in information security in general and reverse engineering in particular