EvilZone

Hacking and Security => Reverse Engineering => Topic started by: XssRoot on March 30, 2011, 12:33:35 AM

Title: A basic analysis on malware
Post by: XssRoot on March 30, 2011, 12:33:35 AM
A very good article on malware analysis using basic tools. It's kinda basic, but it may help a few :)

http://www.blackhat.com/presentations/bh-dc-07/Kendall_McMillan/Paper/bh-dc-07-Kendall_McMillan-WP.pdf
Title: Re: A basic analysis on malware
Post by: FuyuKitsune on March 30, 2011, 04:55:01 AM
Simple, but it's a starting point for people who don't know about RE.
Title: Re: A basic analysis on malware
Post by: Crimson on March 30, 2011, 12:52:26 PM
Links I found helpful:

http://www.emre.de/wiki/index.php/MWC2008
http://zeltser.com/reverse-malware-paper/

The top one is the winner of Malware Challenge 2008 and the procedure he used to reverse the malware. A good read, and it shows the fundamentals.

Also try this Linux distro:
http://zeltser.com/remnux/

It has guides on how to use it as well.
Title: Re: A basic analysis on malware
Post by: XssRoot on March 30, 2011, 10:21:33 PM
Yeah, it's for the starters :)
Title: Re: A basic analysis on malware
Post by: FuyuKitsune on March 30, 2011, 11:31:22 PM
Links I found helpful:

http://www.emre.de/wiki/index.php/MWC2008
http://zeltser.com/reverse-malware-paper/

The top one is the winner of Malware Challenge 2008 and the procedure he used to reverse the malware. A good read, and it shows the fundamentals.

Now these are friggin' thorough. The first one is a nice read.
I don't get all the VMs, though. I'm used to anti-everything being included in bots; using a VM is not considered proper analysis since they're so easy to detect. A good analysis should be done on real computers, not in VMs or sandboxes.
Title: Re: A basic analysis on malware
Post by: Rafy on April 25, 2011, 10:34:30 AM
http://computer-forensics.sans.org/community/downloads/
This should be nice for anyone that's doing PC forensics studies and work. I have not tried it myself. It seems like it's an Ubuntu-based distro.