Malware Research, Stage 1

60 lessons | 6 hours | 60 hours of hands-on practice
  • Course outlines.
  • What is malware.
  • What is malware research.
  • Why is it important to analyze malware.
  • Malware types in the wild.
  • Malware Triangle principle.
  • Lab network scope.
  • Windows 10 lab over VirtualBox.
  • Kali Linux Lab over VirtualBox.
  • Lab Optimization.
  • Setting up FLARE.
  • Snapshot management.
  • What is a process.
  • Virtual Address.
  • Physical Address.
  • The OS Loader.
  • Page table.
  • LAs & PAs.
  • MMU.
  • PE Structure.
  • DOS Header.
  • NT Header.
  • File Header.
  • Optional Header.
  • Sections.
  • EXE vs DLL.
  • Export address table.
  • Import address table.
  • Must-know DLLs.
  • Function fuzzing.
  • Packers.
  • Hashing & Fingerprinting.
  • Host-based IOCs.
  • Sections.
  • Network-based IOCs.
  • Textual analysis.
  • Downloaders vs. Droppers.
  • End to End malware research demo.
  • Hands on malware labs.
  • What is dynamic analysis.
  • Combining dynamic with static analysis.
  • Network-based analysis - DNS.
  • Network-based analysis - Wide protocols.
  • Network-based analysis - Data extraction.
  • Sysinternals.
  • Registry monitoring.
  • Persistence hunting.
  • File system monitoring.
  • Process operation breakdown.
  • Process operation post-extraction.
  • Hands on malware labs.
  • Introduction to YARA rules.
  • YARA rules formats.
  • YARA rules conditions.
  • Case-sensitive strings.
  • YARA rules automation.
  • SSMA.
  • Hands on malware labs.
  • Malware research reporting.
  • Malware labs certification project.
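As an added example (not course material from the outline above, and not a tool the course uses): a minimal Python walker over the structures named in the PE Structure module, in the order the syllabus lists them: DOS Header, NT Header, File Header, Optional Header (PE32 vs PE32+) and Sections, plus the EXE-vs-DLL flag, an RVA-to-file-offset mapping (the virtual-versus-physical address relationship at the file level), per-section entropy as a packer hint, and the MD5/SHA-1/SHA-256 fingerprints from the Hashing & Fingerprinting lesson. It runs against a constructed, non-executable PE32 image built by `build_sample_pe()`; all function names, field names and the sample bytes are the example's own. Import and export table parsing is deliberately left out.

```python
# Added example: minimal PE header walker (DOS -> NT -> File -> Optional -> Sections). Not course code.
import hashlib
import math
import struct

IMAGE_FILE_DLL = 0x2000
DLL_CHARACTERISTICS = {0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT", 0x4000: "GUARD_CF"}
SECTION_FLAGS = {0x20000000: "EXECUTE", 0x40000000: "READ", 0x80000000: "WRITE"}
SECTION_HEADER = struct.Struct("<8sIIIIIIHHI")  # IMAGE_SECTION_HEADER, 40 bytes


def entropy(data):
    """Shannon entropy in bits per byte; a section close to 8.0 is a packer/encryption hint."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def rva_to_offset(sections, rva):
    """Map an RVA (address relative to ImageBase) to a raw file offset, or None if unmapped."""
    for s in sections:
        size = max(s["virtual_size"], s["raw_size"])
        if s["virtual_address"] <= rva < s["virtual_address"] + size:
            return rva - s["virtual_address"] + s["raw_offset"]
    return None


def parse_pe(data):
    """Walk the PE headers and return the fields a first-pass static triage needs."""
    # IMAGE_DOS_HEADER: e_magic "MZ" at offset 0, e_lfanew (offset of the NT headers) at 0x3C
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")

    # IMAGE_FILE_HEADER (20 bytes) follows the signature
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)

    # IMAGE_OPTIONAL_HEADER: the magic selects the PE32 (0x10B) or PE32+ (0x20B) layout
    oh = fh + 20
    (magic,) = struct.unpack_from("<H", data, oh)
    if magic == 0x10B:
        fmt, (image_base,) = "PE32", struct.unpack_from("<I", data, oh + 28)
    elif magic == 0x20B:
        fmt, (image_base,) = "PE32+", struct.unpack_from("<Q", data, oh + 24)
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (entry_rva,) = struct.unpack_from("<I", data, oh + 16)
    (dll_chars,) = struct.unpack_from("<H", data, oh + 70)  # same offset in both layouts

    # Section table immediately follows the optional header
    sections = []
    table = oh + opt_size
    for i in range(nsec):
        name, vsize, va, rawsize, rawptr, *_unused, sflags = SECTION_HEADER.unpack_from(data, table + i * 40)
        raw = data[rawptr:rawptr + rawsize]
        sections.append({"name": name.rstrip(b"\x00").decode("ascii", "replace"),
                         "virtual_address": va, "virtual_size": vsize, "raw_offset": rawptr, "raw_size": rawsize,
                         "flags": [n for bit, n in SECTION_FLAGS.items() if sflags & bit],
                         "entropy": round(entropy(raw), 2)})

    return {"format": fmt, "machine": machine, "is_dll": bool(chars & IMAGE_FILE_DLL),
            "image_base": image_base, "entry_point_rva": entry_rva,
            "entry_point_offset": rva_to_offset(sections, entry_rva),
            "dll_characteristics": [n for bit, n in DLL_CHARACTERISTICS.items() if dll_chars & bit],
            "sections": sections,
            "hashes": {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}}


def build_sample_pe():
    """Constructed, non-runnable PE32 image used as the sample input (not a real binary)."""
    hdr = bytearray(0x200)                                  # SizeOfHeaders = one FileAlignment unit
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x80)                 # e_lfanew: NT headers at 0x80
    hdr[0x80:0x84] = b"PE\x00\x00"
    # File header: i386, 2 sections, 224-byte optional header, EXECUTABLE_IMAGE|32BIT_MACHINE
    struct.pack_into("<HHIIIHH", hdr, 0x84, 0x14C, 2, 0, 0, 0, 224, 0x0102)
    oh = 0x98
    struct.pack_into("<H", hdr, oh, 0x10B)                  # PE32 magic
    struct.pack_into("<I", hdr, oh + 16, 0x1000)            # AddressOfEntryPoint (RVA into .text)
    struct.pack_into("<I", hdr, oh + 28, 0x400000)          # ImageBase
    struct.pack_into("<II", hdr, oh + 32, 0x1000, 0x200)    # SectionAlignment, FileAlignment
    struct.pack_into("<II", hdr, oh + 56, 0x3000, 0x200)    # SizeOfImage, SizeOfHeaders
    struct.pack_into("<HH", hdr, oh + 68, 2, 0x0140)        # Subsystem GUI; DYNAMIC_BASE|NX_COMPAT
    table = oh + 224
    SECTION_HEADER.pack_into(hdr, table, b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    SECTION_HEADER.pack_into(hdr, table + 40, b".data", 0x200, 0x2000, 0x200, 0x400, 0, 0, 0, 0, 0xC0000040)
    text = b"\x55\x8b\xec" + b"\x90" * 0x1FC + b"\xc3"      # prologue, NOP sled, ret: low entropy
    data = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(16))  # 512 high-entropy bytes
    return bytes(hdr) + text + data


if __name__ == "__main__":  # for a real sample: parse_pe(open(path, "rb").read())
    print(parse_pe(build_sample_pe()))
```

For a real sample, read the file bytes and pass them to `parse_pe`. Malformed or truncated headers, which are common in the wild, surface as `struct.error` or `ValueError`; in a triage pipeline that is a finding to record, not a crash to swallow. A section with entropy above roughly 7 that is also readable, writable and executable is the classic packed-stub pattern to correlate with the Packers lesson.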