Malware Research, Stage 1
60 lessons, 6 hours, 60 hours of practice
- Course outline.
- What is malware.
- What is malware research.
- Why is it important to analyze malware.
- Malware types in the wild.
- Malware Triangle principle.
- Lab network scope.
- Windows 10 lab over VirtualBox.
- Kali Linux lab over VirtualBox.
- Lab Optimization.
- Setting up FLARE.
- Snapshot management.
- What is a process.
- Virtual Address.
- Physical Address.
- The OS Loader.
- Page table.
- LAs & PAs.
- MMU.
- PE Structure.
- DOS Header.
- NT Header.
- File Header.
- Optional Header.
- Sections.
- EXE vs. DLL.
- Export address table.
- Import address table.
- Must-know DLLs.
- Function fuzzing.
- Packers.
- Hashing & Fingerprinting.
- Host-based IOCs.
- Sections.
- Network-based IOCs.
- Textual analysis.
- Downloaders vs. Droppers.
- End to End malware research demo.
- Hands on malware labs.
- What is dynamic analysis.
- Static analysis combination.
- Network-based analysis - DNS.
- Network-based analysis - Wide protocols.
- Network-based analysis - Data extraction.
- Sysinternals.
- Registry monitoring.
- Persistence hunting.
- File system monitoring.
- Process operation breakdown.
- Process operation post-extraction.
- Hands on malware labs.
- Introduction to YARA rules.
- YARA rules formats.
- YARA rules conditions.
- Case sensitive strings.
- YARA rules automation.
- SSMA.
- Hands on malware labs.
- Malware research reporting.
- Malware labs certification project.