Reverse Engineering All the Malware and Why You Should Stop
Offered By: YouTube
Course Description
Overview
Explore the intricacies of malware reverse engineering and its future implications in this 55-minute conference talk from Derbycon 2016. Delve into Brandon Young's approach to malware reverse engineering, examining current trends and future prospects in the field. Learn about automation techniques, sandbox usage, and API utilization, with a focus on practical examples such as VirusTotal integration. Witness demonstrations of NetTraveler analysis and dynamic binary instrumentation. Gain insights into debugging scripts, export table navigation, and essential wisdom for aspiring reverse engineers. Conclude with a Q&A session to address lingering questions about this complex and evolving discipline.
Syllabus
Intro
RE telling me to stop doing RE?
Who is this talk for?
Outline
My Approach to Malware RE
Today and the future...
What's actually changed?
Automating some of the things...
So how do I do it?
Sandboxes cont...
API Usage Example: VT
Demo: NetTraveler...
Dynamic Binary Instrumentation
Debugging Scripts... Demo
IMAGE_EXPORT_DIRECTORY
Walking the Export Table...
Words of wisdom
Questions?
Related Courses
Practical Uses of Program Analysis - Automatic Exploit GenerationNorthSec via YouTube Dynamic Binary Instrumentation Techniques to Address Native Code Obfuscation
Black Hat via YouTube Security Instrumentation - The Future of Software Security
LASCON via YouTube Android Rootkits - Analysis from Userland and Kernelland
RSA Conference via YouTube Finding 0days in Embedded Systems with Code Coverage Guided Fuzzing
BruCON Security Conference via YouTube