Reverse Engineering Malware 101 – Penetration Testing in Linux

Reverse Engineering

“is the processes of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted information” [1]

What does it mean to be a reverse engineer?

You can

Take things apart to figure out how it works

Love puzzle solving

Develop experiments and tools

Think outside the box

Constantly learn new things

Game Plan

Determine what are the goals

Get to just what you need, or

Know enough to recreate it

Use reconnaissance and triage skills to determine a target starting point

Work step by step to get to your goals

Record your findings through the analysis

Analysis Flow for Malware Analysis

Setup a baseline analysis environment

Triage to determine a starting point

Static Analysis – Get a sense of where everything is before debugging

Dynamic Analysis – Determine behaviors that can’t be understood by static analysis

Manual Debugging – Stepping through the program to navigate to your goals

Get it now.

The post Reverse Engineering Malware 101 appeared first on Penetration Testing in Linux.


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do

Você está comentando utilizando sua conta Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s