The Beginner Malware Analysis Course

  • Home
  • The Beginner Malware Analysis Course

The Beginner Malware Analysis Course: What Is It?

The Beginner Malware Analysis Course was developed with newcomers to the industry in mind. After receiving a lot of the same questions about “how to become a malware analyst”, we soon realised that there was very little structured information out there revolving around the malware analysis and reverse engineering “sphere” that was easily digestible by beginners, including where to even begin. That is where The Beginner Malware Analysis began, and since it’s initial release we have taught over 1,500 students, as well as developed further courses aimed at different levels; amassing over 4,500 students in total.

Prior to developing the course, we analysed the other offerings on the market, only to realise the criticism was all the same; lack of modern samples, not beginner-centric enough, all theory no practical, not enough malware “diversity”, and so on. Therefore, we set out to create a course that was not only easily digestible by beginners, but also built on the researched criticism, by placing a large focus on practical analysis of modern malware samples, covering different formats of malware, and structuring the course in a methodical format.

If you are looking to start a journey into Malware Analysis, look no further than “The Beginner Malware Analysis Course” by @0verfl0w_. It is pieced together perfectly for beginners like myself. It also helps that you get real-world examples to test with!
Sevuhl
@Sevuhl

The Beginner Malware Analysis Course: What Is Unique About It?

Our goal when developing any course is to make it as accessible as possible.
We could charge thousands of dollars for a course, but we believe that knowledge should be accessible to everyone, regardless of how specialized the industry is.
Therefore, upon purchasing the course you will receive lifetime access to all the outlined material, meaning no recurring payments and hidden costs.

When it comes to the course material, we focus on providing the most relevant information, with the most relevant practical examples.
Stuxnet might be interesting to look at and see how it was used to cause substantial damage to nuclear centrifuges, but nowadays the reality is most anti-malware software is fairly sophisticated, meaning malware has had to evolve considerably to evade detection.
Most malware samples use several layers of obfuscation, encryption algorithms, and compression, to slow down both anti-malware software and malware analysts.
As a result, we will only be focusing on the latest malware families, from Hancitor Word Documents to PandaBanker Configurations.

For malware analysis, this course is great
BlueTeamBlog
@blueteamblog

The Beginner Malware Analysis Course: Prerequisites

The course is aimed entirely at beginners, so no knowledge of malware analysis and reverse engineering is necessary. We build from the ground up, going through the common variants of malware, to the basics of x86 assembly, up to being able to reverse engineer your first compiled malware sample!

And if you’re not a beginner in the field and have a few years under your belt as a forensics investigator, incident responder, red teamer, or even a junior malware analyst, this course contains relevant material to you too! At the end of the course, you will be able to reverse engineer compiled malware with ease, methodically walking through it to reach your goal, whether that is an analysis of it’s features, or a fully automated system to extract key indicators of compromise, such as a hardcoded configuration containing the secondary command and control server addresses.

Have more experience in the malware reverse engineering field, or looking to move from a sector such as exploit development?
The Zero2Automated Course might be right for you!

[The Beginner Malware Analysis Course] by @0verfl0w_ is an awesome start
Steve
@TanukiSec

The Beginner Malware Analysis Course: Syllabus

The Beginner Malware Analysis Course contains 5+ hours of course content, that you can revisit whenever you choose to. Additionally, the course is entirely self-paced, meaning there is no rush to complete modules in time for an examination! The syllabus is as follows:

Setting up FlareVM, alongside useful tools and a network traffic interception machine.

Covering different variants of malware, as well as common terminology

Reverse engineering .NET malware using DNSpy, with both dynamic and static analysis.

Learning the basics of x86 Assembly, from basic instructions to registers.

Looking at the ins-and-outs of IDA and x32/x64dbg, and other industry standard tools.

Reverse engineering compiled malware, focusing on string encryption, API resolving, and configuration extraction.

Examining the internals of malicious documents, used to distribute malware.

Analysing communications between a malware implant and a remote C2, using WireShark and InetSim.

Looking at basic algorithms in use by malware to slow down analysis.

Tips and tricks to unpack malware in order to get to the main payload.

I have been doing analysis on a small scale for the company I work for and while I know a lot of the things you are talking about, it is nice to watch someone do it in real time. I also picked up on techniques that will help me get answers quicker for the clients we deal with. When you are talking through what you are doing it helps me a lot more than you know. If you put out more, I will purchase again.
TGVl
@TGVl2

The Beginner Malware Analysis Course: Frequently Asked Questions

Yes! Upon purchasing the course, you gain immediate lifetime access, allowing you to come back every few months to look at specifics! No additional payments, no additional worries! Furthermore, further content will be added to the course over time, which you will also gain access to, free of charge!

Unfortunately the course videos cannot currently be accessed offline.

Both Stripe (Credit Card/Debit Card payments) and PayPal are the main supported payment processors of the platform, however if these are an issue for you, we may be able to work out possible payment methods – in that case, please see the “How can I contact you” answer.

At the current point in time, no certification is provided for The Beginner Malware Analysis Course.

You can contact us via the contact form below, through Twitter (@0verfl0w_) or via e-mail: daniel@0ffset.net!

Further Questions?

Looking for answers to a question not answered above? Feel free to drop us a message using the contact box below, and we will get back to you as soon as possible!

    Receive the latest news

    Subscribe & Stay Tuned

    Stay updated on new course releases and related InfoSec content