WINDOWS MALWARE ANALYSIS AND MEMORY FORENSICS


Private Trainings

Training Details

  • Training Length – 3 Days
  • Venue – Virtual / On-Site 

What Will Students Learn

  • How malware and Windows internals work
  • How to create a safe and isolated lab environment for malware analysis
  • Tools and techniques to perform malware analysis
  • How to perform static analysis to determine the metadata associated with malware
  • How to perform dynamic analysis of the malware to determine its interaction with process, file system, registry, and network
  • How to perform code analysis to determine the malware functionality
  • How to debug malware using tools like IDA Pro and x64dbg
  • How to analyze downloaders, droppers, keyloggers, fileless malware, HTTP backdoors, etc.
  • Understanding various persistence techniques used by the attackers
  • Understanding different code injection techniques used to bypass security products
  • What memory forensics is and how it is used in malware and digital investigations
  • Ability to acquire a memory image from suspect/infected systems
  • How to use the open-source advanced memory forensics framework (Volatility)
  • Understanding of the techniques used by rootkits (code injection, hooking, etc.)
  • Investigative steps for detecting stealth and advanced malware
  • Techniques to hunt malware

Course Description

This course introduces attendees to the basics of malware analysis, reverse engineering, Windows internals, and memory forensics, then gradually progresses into more advanced concepts of malware analysis and memory forensics. Attendees will learn to perform static, dynamic, code, and memory analysis. To keep the training completely practical, each module is followed by scenario-based hands-on labs that involve analyzing real-world malware samples and investigating malware-infected memory images (crimeware, APT malware, fileless malware, rootkits, etc.). This hands-on training is designed to help attendees gain a better understanding of the subject in a short span of time. Throughout the course, attendees will learn the latest techniques used by adversaries to compromise and persist on a system. The course also covers various code injection, hooking, and rootkit techniques used by adversaries to bypass forensic tools and security products. In this training, you will also gain an understanding of how to integrate malware analysis and memory forensics techniques into a custom sandbox to automate the analysis of malicious code.
 

Who Should Take This Course

  • This course is ideal for Windows malware researchers, penetration testers, security researchers, kernel developers, or anyone keen to understand the fundamentals of Windows malware reverse engineering.

CONTACT US

Please share with us the project requirements and the goals you want to achieve, and one of our sales representatives will contact you within one business day.

Our Location

51 Pleasant St # 843, Malden, MA, Middlesex, US, 02148

General and Business inquiries

contact@8ksec.io

Trainings

trainings@8ksec.io

Press

press@8ksec.io

Phone

+1(347)-4772-006
