If you're comfortable with behavioral malware analysis (MA100) and the Assembly skills needed for reverse engineering (MA150), then you are ready for this more advanced malware analysis class. You will learn how to disassemble and debug both purpose-built and real-world malware using industry-leading tools such as IDA Pro. After mastering the basics, you will be challenged to analyze more advanced malware that obfuscates and protects itself using anti-debugging and other anti-analysis techniques. You will be taught how to patch programs in order to restrict their functionality, and crack them to get access to hidden or encrypted areas. Students will leave this course armed to tackle some of the most advanced malicious software used in modern system intrusions.
Converting Source Code to Assembly.
Intel CPU memory management and structures.
CPU control flows.
IDA Pro, OllyDbg, and other common tools.
Stepping, stepping over and running code using a Debugger.
Breakpoint fundamentals and usage.
Patching and assembling executables.
Decrypting and unpacking protected programs.
The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas of the National Cybersecurity Workforce Framework.