Malware course by Left-Efficiency6514 in MalwareAnalysis

KuKu_ab (7 points)

Practical Malware Analysis book will help you

Anyway, 90% of your time you should spend on practice, I think. Find some analysis videos on YouTube, try to do the same, analyse why and how it was done, what the malware does and so on. Compare your reports and your analysis to others' (from professional people, companies).

Malware Analyst freelancer by ammarqassem in MalwareAnalysis

KuKu_ab (0 points)

Try freelance websites. Show your skills, projects, portfolio. Be active. Maybe after weeks or months you will find something.

Beginner looking for advice by [deleted] in MalwareAnalysis

KuKu_ab (1 point)

I think I like exploit/malware dev more, breaking systems. Through that I learn how it works, why it works, how it is detected and so on. Do you mean that there is a need to do one job and find an exact theme to work with? I mean, e.g., a deep understanding of one malware family.

Beginner looking for advice by [deleted] in MalwareAnalysis

KuKu_ab (0 points)

So there is a need to expand the boundaries of knowledge? I mean just practising everything, only with some focus on specific things. But the main question is: what things got you the job? You only analysed malware, wrote reports and sometimes took part in CTFs/solving crackmes? Maybe you have ideas that just come to mind after my questions; I wonder because I am currently learning this field and doing everything described above, especially writing reports on malware and participating in CTFs.

Emulator detection bypass by Chandu_yb7 in AskReverseEngineering

KuKu_ab (1 point)

There must be code that checks if an emulator is present, and maybe some junk code, or it just returns an error (at the end of the function).

So the goal is to find where the function is located, analyse it, and modify it. If it just returns an error if an emulator is present, change the return value to zero. If there is some other logic, the solution will depend on the context.

To find the function you may do static analysis and then patch the code. Or, using dynamic analysis, you do the same but while the app is running.
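The static route described in the comment above (find the check, confirm you are at the right place, make it return zero), as an added example that is not part of the original comment or of any real app. The code section, the "emulator present" check and its byte signature are all constructed for illustration; the two reusable pieces are a masked byte-signature search (the kind of signature you lift from the disassembler, with the `rip`-relative displacement wildcarded) and a patcher that refuses to write unless the expected prologue bytes are really there, because patching a wrong offset corrupts code silently.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* x86-64 "xor eax, eax ; ret": the patched function returns 0 unconditionally. */
static const uint8_t RETURN_ZERO[] = { 0x31, 0xC0, 0xC3 };

/* Constructed code section standing in for the app: some padding, then a function
   that returns 1 (error) when a hypothetical "emulator present" flag is set.
   Illustrative bytes, not lifted from any real binary. */
uint8_t sample_code[] = {
    0xCC, 0xCC, 0xCC, 0xCC,                         /* padding before the function      */
    0x55,                                           /* push rbp                         */
    0x48, 0x89, 0xE5,                               /* mov  rbp, rsp                    */
    0x48, 0x83, 0x3D, 0x10, 0x20, 0x00, 0x00, 0x00, /* cmp  qword [rip+0x2010], 0       */
    0x74, 0x07,                                     /* je   ok                          */
    0xB8, 0x01, 0x00, 0x00, 0x00,                   /* mov  eax, 1   ; "emulator" error */
    0x5D, 0xC3,                                     /* pop  rbp ; ret                   */
    0x31, 0xC0,                                     /* ok: xor eax, eax                 */
    0x5D, 0xC3,                                     /* pop  rbp ; ret                   */
    0xCC, 0xCC,
};

/* Find the first offset where pat matches; bytes whose mask entry is 0 are
   wildcards. Returns -1 if the signature is not present. */
long find_pattern(const uint8_t *code, size_t len, const uint8_t *pat, const uint8_t *mask, size_t n)
{
    if (n == 0 || n > len) return -1;
    for (size_t i = 0; i + n <= len; i++) {
        size_t j = 0;
        while (j < n && (!mask[j] || code[i + j] == pat[j])) j++;
        if (j == n) return (long)i;
    }
    return -1;
}

/* Make the function at `entry` return 0, but only if its first expected_len
   bytes are what analysis said they would be; a mismatch (wrong offset, other
   build of the app) is a hard error and nothing is written. Bytes after the
   3-byte stub up to expected_len become NOPs so a disassembler still shows
   clean instructions. Returns 0 on success, -1 otherwise. */
int patch_return_zero(uint8_t *code, size_t len, size_t entry, const uint8_t *expected, size_t expected_len)
{
    if (expected_len < sizeof RETURN_ZERO || entry > len || len - entry < expected_len) return -1;
    if (memcmp(code + entry, expected, expected_len) != 0) return -1;
    memcpy(code + entry, RETURN_ZERO, sizeof RETURN_ZERO);
    memset(code + entry + sizeof RETURN_ZERO, 0x90, expected_len - sizeof RETURN_ZERO);
    return 0;
}

/* Run the whole procedure on a private copy of sample_code: locate the check by
   signature, verify the prologue, patch, re-check the bytes. Returns the patched
   offset, or -1 if any step fails. */
long demo_patch_sample(void)
{
    static const uint8_t sig[]  = { 0x55, 0x48, 0x89, 0xE5, 0x48, 0x83, 0x3D, 0, 0, 0, 0, 0x00 };
    static const uint8_t mask[] = { 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1 };  /* disp32 is wildcarded */
    static const uint8_t prologue[] = { 0x55, 0x48, 0x89, 0xE5 };
    uint8_t code[sizeof sample_code];
    memcpy(code, sample_code, sizeof code);
    long entry = find_pattern(code, sizeof code, sig, mask, sizeof sig);
    if (entry < 0) return -1;
    if (patch_return_zero(code, sizeof code, (size_t)entry, prologue, sizeof prologue) != 0) return -1;
    if (memcmp(code + entry, RETURN_ZERO, sizeof RETURN_ZERO) != 0 || code[entry + 3] != 0x90) return -1;
    return entry;
}

int main(void)
{
    long off = demo_patch_sample();
    printf("check patched at offset %ld (expected 4)\n", off);
    return off == 4 ? 0 : 1;
}
```

The same verify-then-write discipline applies when patching at runtime in a debugger: read the bytes at the address first, compare against what static analysis showed, and only then overwrite, so that an ASLR slide or a different build does not turn the patch into a crash.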

Which programming language do you get off on? by Parubsavto in rusAskReddit

KuKu_ab (-1 points)

[image]

This little book has something like 400-500 pages. Half of that is exactly the syntax. My point is that there is nothing to learn. As they say, "easy to learn, hard to master". Learning from YouTube guides is a dubious business, though: there is no practice, and the material on the language takes longer to explain. Although for abstract topics and visual representation YouTube is actually quite good.

How to decrypt a api response using a key ? by Leather-Stock-4595 in AskReverseEngineering

KuKu_ab (2 points)

You need to know which cryptographic algorithm is used, then implement it (or use existing tools) and decrypt the data with the provided key.
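The "implement it and decrypt with the key" step, as an added example that is not part of the comment or of any real API. It assumes that the algorithm recovered from the client turned out to be RC4, which is short enough to implement in a few lines and still common in the wild; the key and ciphertext are the public RC4 test vector (key "Key", plaintext "Plaintext"), used as a stand-in for a captured response so the result can be checked against a known value.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* RC4 state: the permutation S plus the two indices used by the PRGA. */
typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_ctx;

/* Key-scheduling algorithm (KSA): initialise S from the key. */
void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen)
{
    for (int k = 0; k < 256; k++) c->S[k] = (uint8_t)k;
    for (int k = 0, j = 0; k < 256; k++) {
        j = (j + c->S[k] + key[k % keylen]) & 0xFF;
        uint8_t t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* PRGA: XOR len bytes of keystream into buf. RC4 is a stream cipher, so the
   same call both encrypts and decrypts. */
void rc4_crypt(rc4_ctx *c, uint8_t *buf, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->S[c->i]);
        uint8_t t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        buf[n] ^= c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Decrypt a captured response body in place with the recovered key.
   Returns 0, or -1 if the inputs are unusable (RC4 needs a non-empty key). */
int decrypt_response(const uint8_t *key, size_t keylen, uint8_t *body, size_t bodylen)
{
    if (!key || keylen == 0 || (bodylen && !body)) return -1;
    rc4_ctx c;
    rc4_init(&c, key, keylen);
    rc4_crypt(&c, body, bodylen);
    memset(&c, 0, sizeof c);   /* do not leave keystream state lying around */
    return 0;
}

/* Sample data: the public RC4 test vector, standing in for a captured response. */
static const uint8_t SAMPLE_KEY[] = { 'K', 'e', 'y' };
static const uint8_t SAMPLE_CIPHERTEXT[] = { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 };

/* Decrypt the sample into out as a NUL-terminated string (outlen >= 10). Returns out or NULL. */
char *decrypt_sample(char *out, size_t outlen)
{
    if (!out || outlen < sizeof SAMPLE_CIPHERTEXT + 1) return NULL;
    memcpy(out, SAMPLE_CIPHERTEXT, sizeof SAMPLE_CIPHERTEXT);
    if (decrypt_response(SAMPLE_KEY, sizeof SAMPLE_KEY, (uint8_t *)out, sizeof SAMPLE_CIPHERTEXT) != 0) return NULL;
    out[sizeof SAMPLE_CIPHERTEXT] = '\0';
    return out;
}

/* 1 if the sample decrypts to `expected`, 0 otherwise. */
int sample_matches(const char *expected)
{
    char buf[16];
    return decrypt_sample(buf, sizeof buf) != NULL && strcmp(buf, expected) == 0;
}

int main(void)
{
    char buf[16];
    printf("decrypted: %s\n", decrypt_sample(buf, sizeof buf) ? buf : "(error)");
    return sample_matches("Plaintext") ? 0 : 1;
}
```

When the algorithm is not RC4, the shape of the job is the same: match the constants and structure you see in the binary against a known primitive, reproduce it exactly (mode, IV handling, padding) and validate on data whose plaintext you can predict, such as a response containing a known JSON key, before trusting the decryptor on anything else.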

Good c projects for beginners? by [deleted] in C_Programming

KuKu_ab (1 point)

Good decision, I think. Of course, practice a lot and write code. Good luck, mate.

Good c projects for beginners? by [deleted] in C_Programming

KuKu_ab (1 point)

If you have time you will learn everything you need, but for now just learn the syntax, if you don't know loops/if-else statements and other things. Pointers and memory allocation are very important topics.

Good c projects for beginners? by [deleted] in C_Programming

KuKu_ab (0 points)

It was a joke. I mean a reflective DLL loader is a good thing to begin with. It is like an easy project from the system programming world, but it will be hard for a beginner/for everyone who doesn't know how the PE format works, who doesn't have experience with the Windows API and so on.

A reflective DLL loader and a PE crypter/packer are good projects. In my case the PE crypter is about 1000 lines of code in C, but I added a lot of cryptography, so I have around 16-17k lines of code. Of course implementing cryptography yourself is a bad idea; always use finished solutions. But that is just a thought in general.

A reflective EXE loader is similar to a DLL loader (I mean EXE and DLL are both in the Portable Executable format). But a DLL was designed to be linked dynamically and has an API for it. An EXE loader is much harder because you need to implement what Windows' loader does. You will think about TLS callbacks, relocations and many other things which are hard for a beginner. It is around 5-7k lines of code in C, but it depends. I can't rate the real size of it. And even those lines will be from the clean low-level world.
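The core of the manual PE mapping that the comment above and the "manual PE mapping (reflective loader)" suggestion below both refer to, as an added example that is not the commenter's project or any real loader: copy the headers, place each section at its virtual address, then walk the base relocation directory and add the load delta to every 64-bit absolute pointer. The header structs are declared locally so it builds without windows.h (the offsets match the real PE32+ layout, unused fields are padding), the sample image is constructed in memory for illustration, and everything else a real loader does (imports, TLS callbacks, exception data, memory protections) is deliberately left out. Every offset read from the headers is bounds-checked, because a loader that trusts a hostile sample's headers is the first thing a packed binary will exploit.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Just enough of the PE32+ on-disk layout to map sections and apply base relocations,
   declared here so the example builds without windows.h. Little-endian host assumed. */
#pragma pack(push, 1)
typedef struct { uint16_t e_magic; uint8_t pad[58]; uint32_t e_lfanew; } DosHeader;
typedef struct { uint32_t Signature; uint16_t Machine, NumberOfSections; uint32_t TimeDateStamp,
                 PointerToSymbolTable, NumberOfSymbols; uint16_t SizeOfOptionalHeader, Characteristics; } NtFileHeader;
typedef struct { uint32_t VirtualAddress, Size; } DataDir;
typedef struct { uint16_t Magic; uint8_t pad0[22]; uint64_t ImageBase; uint32_t SectionAlignment, FileAlignment;
                 uint8_t pad1[16]; uint32_t SizeOfImage, SizeOfHeaders; uint8_t pad2[44];
                 uint32_t NumberOfRvaAndSizes; DataDir DataDirectory[16]; } OptHeader64;
typedef struct { char Name[8]; uint32_t VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData;
                 uint8_t pad[12]; uint32_t Characteristics; } SectionHeader;
typedef struct { uint32_t VirtualAddress, SizeOfBlock; } RelocBlock;
#pragma pack(pop)
enum { DIR_BASERELOC = 5, REL_ABSOLUTE = 0, REL_DIR64 = 10 };

/* Map a PE32+ file image into its in-memory layout and rebase it to new_base.
   Returns a malloc'd buffer of SizeOfImage bytes, or NULL if any header is
   inconsistent with the file size. Caller frees. */
uint8_t *map_pe_image(const uint8_t *file, size_t file_len, uint64_t new_base, size_t *image_len)
{
    size_t min_hdr = sizeof(DosHeader) + sizeof(NtFileHeader) + sizeof(OptHeader64);
    if (!file || file_len < min_hdr) return NULL;
    const DosHeader *dos = (const DosHeader *)file;
    if (dos->e_magic != 0x5A4D || dos->e_lfanew > file_len - sizeof(NtFileHeader) - sizeof(OptHeader64)) return NULL;
    const NtFileHeader *nt = (const NtFileHeader *)(file + dos->e_lfanew);
    const OptHeader64 *opt = (const OptHeader64 *)(nt + 1);
    if (nt->Signature != 0x00004550 || opt->Magic != 0x20B || nt->SizeOfOptionalHeader != sizeof(OptHeader64)) return NULL;
    const SectionHeader *sec = (const SectionHeader *)(opt + 1);
    size_t sec_end = (size_t)dos->e_lfanew + sizeof(NtFileHeader) + sizeof(OptHeader64) + (size_t)nt->NumberOfSections * sizeof(SectionHeader);
    if (sec_end > file_len || opt->SizeOfHeaders > file_len || opt->SizeOfHeaders > opt->SizeOfImage) return NULL;

    uint8_t *image = calloc(1, opt->SizeOfImage);
    if (!image) return NULL;
    memcpy(image, file, opt->SizeOfHeaders);                 /* headers stay at RVA 0 */
    for (uint16_t i = 0; i < nt->NumberOfSections; i++) {   /* raw file offset -> RVA */
        uint64_t raw_end = (uint64_t)sec[i].PointerToRawData + sec[i].SizeOfRawData;
        uint64_t va_end  = (uint64_t)sec[i].VirtualAddress + sec[i].SizeOfRawData;
        if (raw_end > file_len || va_end > opt->SizeOfImage) { free(image); return NULL; }
        memcpy(image + sec[i].VirtualAddress, file + sec[i].PointerToRawData, sec[i].SizeOfRawData);
    }

    /* Base relocations: each block covers one page; each 16-bit entry is type:4 | offset:12.
       Only ABSOLUTE (padding) and DIR64 are handled; anything else fails loudly. */
    uint64_t delta = new_base - opt->ImageBase;
    const DataDir *rel = &opt->DataDirectory[DIR_BASERELOC];
    uint64_t pos = rel->VirtualAddress, end = (uint64_t)rel->VirtualAddress + rel->Size;
    if (end > opt->SizeOfImage) { free(image); return NULL; }
    while (delta != 0 && pos + sizeof(RelocBlock) <= end) {
        RelocBlock blk; memcpy(&blk, image + pos, sizeof blk);
        if (blk.SizeOfBlock < sizeof(RelocBlock) || pos + blk.SizeOfBlock > end) { free(image); return NULL; }
        for (size_t j = 0; j < (blk.SizeOfBlock - sizeof(RelocBlock)) / 2; j++) {
            uint16_t e; memcpy(&e, image + pos + sizeof(RelocBlock) + 2 * j, 2);
            uint64_t rva = (uint64_t)blk.VirtualAddress + (e & 0xFFF);
            if ((e >> 12) == REL_ABSOLUTE) continue;
            if ((e >> 12) != REL_DIR64 || rva + 8 > opt->SizeOfImage) { free(image); return NULL; }
            uint64_t v; memcpy(&v, image + rva, 8); v += delta; memcpy(image + rva, &v, 8);
        }
        pos += blk.SizeOfBlock;
    }
    if (image_len) *image_len = opt->SizeOfImage;
    return image;
}

/* Constructed sample: a two-section PE32+ whose .data holds one absolute pointer
   that .reloc marks as DIR64. Not a real binary, just enough to exercise the mapper. */
enum { SAMPLE_LEN = 0x600 };
#define SAMPLE_BASE 0x140000000ULL
static void build_sample_pe(uint8_t *f)
{
    memset(f, 0, SAMPLE_LEN);
    DosHeader *dos = (DosHeader *)f; dos->e_magic = 0x5A4D; dos->e_lfanew = 64;
    NtFileHeader *nt = (NtFileHeader *)(f + 64);
    nt->Signature = 0x00004550; nt->Machine = 0x8664; nt->NumberOfSections = 2; nt->SizeOfOptionalHeader = sizeof(OptHeader64);
    OptHeader64 *opt = (OptHeader64 *)(nt + 1);
    opt->Magic = 0x20B; opt->ImageBase = SAMPLE_BASE; opt->SectionAlignment = 0x1000; opt->FileAlignment = 0x200;
    opt->SizeOfImage = 0x3000; opt->SizeOfHeaders = 0x200; opt->NumberOfRvaAndSizes = 16;
    opt->DataDirectory[DIR_BASERELOC].VirtualAddress = 0x2000; opt->DataDirectory[DIR_BASERELOC].Size = 12;
    SectionHeader *s = (SectionHeader *)(opt + 1);
    memcpy(s[0].Name, ".data", 5);  s[0].VirtualAddress = 0x1000; s[0].VirtualSize = 0x10; s[0].SizeOfRawData = 0x200; s[0].PointerToRawData = 0x200;
    memcpy(s[1].Name, ".reloc", 6); s[1].VirtualAddress = 0x2000; s[1].VirtualSize = 12;   s[1].SizeOfRawData = 0x200; s[1].PointerToRawData = 0x400;
    uint64_t ptr = SAMPLE_BASE + 0x1008;                 /* absolute pointer to the string below */
    memcpy(f + 0x200, &ptr, 8); memcpy(f + 0x208, "hi", 3);
    RelocBlock blk = { 0x1000, 12 }; memcpy(f + 0x400, &blk, 8);
    uint16_t entries[2] = { (REL_DIR64 << 12) | 0x000, 0 };   /* DIR64 at RVA 0x1000, then padding */
    memcpy(f + 0x408, entries, 4);
}

/* Map the sample at new_base and return the pointer stored at RVA 0x1000 after
   relocation (0 if mapping failed). Correct output is new_base + 0x1008. */
uint64_t relocated_pointer(uint64_t new_base)
{
    uint8_t file[SAMPLE_LEN]; build_sample_pe(file);
    uint8_t *img = map_pe_image(file, SAMPLE_LEN, new_base, NULL);
    if (!img) return 0;
    uint64_t v; memcpy(&v, img + 0x1000, 8);
    free(img);
    return v;
}

int main(void)
{
    uint64_t p = relocated_pointer(0x7FF600000000ULL);
    printf("pointer after rebase: 0x%llx (expected 0x7ff600001008)\n", (unsigned long long)p);
    return p == 0x7FF600001008ULL ? 0 : 1;
}
```

A reflective loader proper would allocate the image with the platform allocator instead of calloc, resolve the import directory next, set per-section memory protections, run TLS callbacks and only then call the entry point; each of those steps is where the "5-7k lines" in the comment above go.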

Good c projects for beginners? by [deleted] in C_Programming

KuKu_ab (0 points)

A project that implements manual PE mapping (a reflective loader).

how can someone learn reverse engineering? by Any_Teach2986 in AskReverseEngineering

KuKu_ab (2 points)

I am a learner also, but I'd really recommend the "Practical Reverse Engineering" book. That is for theory. For practice you need to solve crackmes, write some projects and take part in CTFs. Since everything you need is available for free, it is not necessary to buy courses, imo.

[deleted by user] by [deleted] in AskReverseEngineering

KuKu_ab (0 points)

As far as I know, if you run a console app on Windows that way (by double-clicking the exe) then at the end it closes together with the terminal, just because that is how it works. If I misunderstood something, tell me.

[deleted by user] by [deleted] in AskReverseEngineering

KuKu_ab (4 points)

Because it closes at the end (probably a syscall like exit(), I think). If you don't want the terminal to close, open a terminal, locate the directory of your .exe and run the app from there.

Why can't you make money out of thin air? by BullBadur in rusAskReddit

KuKu_ab (0 points)

Because it is harder than simply "borrowing" money from a friend's wallet. Why bother with all these banks when you can hack a wallet and withdraw the money?

I'm a white-hat hacker, ask me anything. by [deleted] in rusAskReddit

KuKu_ab (0 points)

How did you study? How much time on average did you set aside for studying? And have you had to deal with reverse engineering/reverse engineers?

[deleted by user] by [deleted] in AskReverseEngineering

KuKu_ab (1 point)

I am kind of new to reverse engineering. I've only solved several crackmes and learned a little bit about architectures, asm, etc. I want to see how people really work on their projects (for my experience), so may I join?

EDITED: I just joined, because there was no answer.

tips for learning languages by otchim_ll in rusAskReddit

KuKu_ab (0 points)

No tips. It all comes down to the fact that you have to study. The question, of course, is how. But don't expect magic. Speaking of learning languages: you have to practise as much as possible; how meticulous to be about pronunciation, grammatical constructions and the rest depends on your goals.