Practical Malware Analysis
Sam Bowne

SCOREBOARD
- Scores from BSidesLV 2017
- Scores from DEF CON 25 (2017)
- Scores from CactusCon 2017
Learn how to analyze malware, including computer viruses, trojans, and rootkits, using disassemblers, debuggers, and static and dynamic analysis with IDA Pro, OllyDbg, and other tools. Familiarity with programming in C and assembler is helpful but not necessary.
Setup
All the projects run on a single Windows Server 2008 machine. You can run it locally on VMware or VirtualBox, or in the cloud with NETLAB.

Local Hosting
Hypervisors
- VMware Fusion (for Mac hosts, 30-day trial)
- VirtualBox (free for all platforms)

VMs
For VMware: Win2008Malware.7z
Size: 2,073,173,278 bytes
SHA-256: c2d59bb80d71cb73350fe436d2658eeb46c869edce66c950ce97268e2a2fa25a
Hosted by

Student Assistants
Elizabeth Biddlecome
I have over 15 years of experience as a consultant in devising innovative technical solutions for small to medium enterprise needs. As a consultant, I'm devoted to creatively and effectively solving problems while providing a satisfying user experience. Throughout my career as a full stack software engineer, my enthusiasm for architecture, security, and server-side programming has driven my ability to architect robust apps, while my strong design skills have allowed me to create attractive, engaging UI designs to spec. Craftsmanship is critical to my work; I perceive code as art. Information Security is a deep passion of mine; I enjoy contributing as a core member of my team in local and national cybersecurity competitions as I transition fully into this space professionally. As engineers, I believe that we have signed up for a life-long learning process, and will always be students in one regard or another. I am also a dedicated educator, teaching both working professionals and adolescent through young adult students. MissionBit is a non-profit working within the San Francisco Unified School District, working toward the goal of closing the tech divide via mentoring the next generation of engineers, software developers, project managers, and security professionals in their career pursuits, with a particular focus on underrepresented minority and economically disadvantaged students.
Elizabeth With Her "Software Engineer Pathways to Employment" Class at Microsoft

Other Projects
- Proj 3: INetSim (20 pts.) (rev. 2-1-16)
- Proj 7: Compiling C on Windows 2008 Server (15 pts.) (rev. 2-27-17)
- Proj 8: Disassembling C on Windows (15 pts. + 10 extra credit) (rev. 2-27-17)
- Proj 9: Disassembling C on Windows Part 2 (15 pts. + 10 extra credit) (Modified 3-20-17)
- Proj 11: Using OllyDbg to Analyze Lab09-01.exe (rev. 3-21-16) (15 pts.)
- Proj 12: Kernel Debugging with Livekd on Windows Server 2008 (20 pts.) (Updated 3-11-17)
- Proj 13: Using Kernel Debugging Commands with WinDbg (15 pts.) (rev. 4-19-17)
- Proj 14: Malware Behavior (Lab 11-1) (35 pts.) (updated 4-19-17)
- Proj 15: Covert Malware Launching (Lab 12-1) (rev. 4-18-16) (25 pts.)
- Proj 16: Data Encoding (Lab 13-1) (25 pts.) (rev. 4-24-17)

Extra Credit Projects
- Proj 1x: File and Strings (10 pts. extra credit) 121-X11-files.zip (rev. 8-22-13)
- Proj 3x: Harvesting Files from Packet Captures with Wireshark (10 pts.) pX12-121.pcap (1.2 MB)
- Proj 4x: Introduction to Hopper (20 points) (rev. 2-22-16)
- Proj 5x: Assembly Code Challenges (30 points) (rev. 2-9-16)
- Proj 6x: Disassembling C on Windows Part 3 (15 pts. + 10 extra credit)
- Proj 7x: Analyzing Malicious Windows Programs (Lab 7-2) (15 pts.)
- Proj 8x: Using WinDbg on a Crash Dump (15 pts.)
- Project 12x: Anti-Disassembly (Lab 15-1) (15 pts.)
Classes
- CNIT 126: Practical Malware Analysis
- CNIT 127: Exploit Development
- CNIT 128: Hacking Mobile Devices
- CNIT 123: Ethical Hacking and Network Defense
- CNIT 124: Advanced Ethical Hacking
- CNIT 40: DNS Security
- CNIT 141: Cryptography for Computer Networks