Malware Analysis
Prepare a Windows VM
Recommended
PMA 41: Windows 10 with Analysis Tools
20
Alternative Local System
H 2: Windows 2016 Server Virtual Machine
15
Best Cloud System
PMA 60: Windows 10 on Azure Cloud
15
Alternate Cloud System
PMA 30: Windows 2016 Server on Google Cloud
15
PE Files and DLLs
PMA 105: Process Explorer
10
PMA 102: Unpacking
25
PMA 121: Unpacking with OllyDbg and pestudio
50
PMA 122: PE Headers
50
PMA 123: Importing DLLs
45
PMA 124: DLL Hijacking
15
PMA 125: Installing Visual Studio 2019
10
PMA 126: DLL Proxying
20
PMA 403: API Monitor
15
Debugging
PMA 301: x86 Assembler with Jasmin
30
PMA 401: Simple EXE Hacking with OllyDbg
120
PMA 402: Hacking Minesweeper with OllyDbg
45
Kernel Debugging
PMA 410c: Kernel Debugging with LiveKD
15
PMA 430: WinDbg Preview
15
PMA 431: WinDbg Preview: Source-Level Debugging
10
PMA 432: WinDbg Preview: Kernel Debugging
35
PMA 433: Kernel Debugging with Breakpoints
30
PMA 434: Debugging a Driver
30
Exploit Development
ED 308: Exploiting "Vulnerable Server" (Local VM) · (Cloud)
25
ED 309: Defeating DEP with ROP
20
ED 318: Exploiting Easy RM to MP3 Converter
30
ED 319: SEH-Based Stack Overflow Exploit (Win 2016) · (Win 10)
65
Bootkits
PMA 420: Bootkit Analysis with Bochs
15
PMA 421: Understanding the MBR
70
TPM 1: Trusted Platform Modules on Windows
15
DOT NET
PMA 132: Reversing a .NET Executable
40
ED 330: Using C# DOT NET
20
ED 331: Dot Net Reflector
45
PowerShell
U-Cen and U-Cyb: PowerShell
75
Rust
R 10: Rust Basics, Overflows, & Injection
35
R 20: Dangling Pointers & Memory Leaks in Rust
35
Disassembly
PMA 303: IDA Pro
40
PMA 304: C Constructs in Assembly
15
PMA 510: Starting with Ghidra
10
PMA 511: Ghidra Data Displays
40
Windows Memory Protections
ED 301: Windows Stack Protection I: Assembly Code
15 extra
ED 302: Windows Stack Protection II: Exploit Without ASLR
15 extra
ED 303: Windows Stack Protection III: Limitations of ASLR
15 extra
ED 310: Windows Mitigations
10 extra
Malware Analysis
PMA 101: Basic Static Techniques
50
PMA 110: capa
15
PMA 131: Custom UPX
25
PMA 221: Basic Dynamic Analysis
60
PMA 222: Making a Windows Keylogger
10
Assembly Language
Prepare a Linux VM
ED 30: Linux Virtual Machine
15
H 201: Google Cloud Linux Server
10
ASM 100: Basics
69
ASM 104: Bases & Printing
40
ASM 105: ASCII
20
ASM 110: Gdb
30
ASM 120: Files
55
ASM 200: Caesar Cipher
35
ASM 210: XOR
20
Virtual Machine Resources
Download Textbook Labs Here
Hypervisors
VMware Player (for Windows hosts, free)
VMware Fusion (for Mac hosts, 30-day trial)
VirtualBox (free for all platforms)