ArchiveAbout Us

👾Malware and Reverse Engineering Resources

A compiled list of resources, certifications, and training to help you on your Malware Analysis and Reverse Engineering Journey

*Disclaimer: These resources are for your educational pursuits in learning Malware Analysis and Reverse Engineering. It is highly discouraged to use these resources for anything other than educational pursuits and the author is not liable for what you do in your own time.... so be good.*

Malware Analysis Certifications

  1. (GREM) Giac Reverse Engineering and Malware by SANS https://www.giac.org/certifications/reverse-engineering-malware-grem/

  2. (PJMR) Practical Junior Malware Researcher by TCM Security https://certifications.tcm-sec.com/pjmr/

Malware Analysis and Reverse Engineering Training

  1. FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques https://www.sans.org/cyber-security-courses/reverse-engineering-malware-malware-analysis-tools-techniques/

  2. FOR710: Reverse-Engineering Malware: Advanced Code Analysis https://www.sans.org/cyber-security-courses/reverse-engineering-malware-advanced-code-analysis/

  3. Cracking Lessons (CSL/CSP/MDV1/MDV2) https://www.crackinglessons.com

  4. Practical Malware Analysis and Triage https://academy.tcm-sec.com/p/practical-malware-analysis-triage

  5. Ultimate Malware Analysis by Zero2Automated https://lnkd.in/dN7v2zNj

  6. OALabs RE101/201/504 https://www.patreon.com/oalabs https://github.com/OALabs/Lab-Notes https://github.com/OALabs/research https://research.openanalysis.net/

  7. Malware Analysis Fundamentals by Let's Defend https://lnkd.in/dSDUeyP7

  8. CS6038/CS5138 Malware Analysis https://class.malware.re/

  9. Malware Analysis CSCI 4976 by RPISEC https://github.com/RPISEC/Malware

  10. Reverse Engineering 101/102 by Malware Unicorn https://malwareunicorn.org/workshops/re101.html#0 https://malwareunicorn.org/workshops/re102.html#0

  11. Mandiant:

    1. Essentials of Malware Analysis

    2. Malware Analysis Fundamentals

    3. Malware Analysis Crash Course

    4. Malicious Documents Analysis

    5. Advanced Red Teaming Techniques: Malware Authoring and Repurposing

    6. Malware Analysis Master Course

  12. https://vimeo.com/30076325

  13. https://vimeo.com/30594548

  14. https://youtu.be/Pg8bmV9vcKg

  15. https://malwareunicorn.org/workshops/re101.html#0

  16. https://malwareunicorn.org/workshops/re102.html#0

  17. https://github.com/cspinstructor/github-crackmes

  18. https://signal-labs.com/self-paced-trainings/ $$

  19. https://www.reverse-engineer.net/ $$$$

  20. https://www.maldevacademy.com/

Books:

  1. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software https://lnkd.in/dmyhKDBV https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

  2. Malware Analysis Detection Engineering https://www.amazon.com/Malware-Analysis-Detection-Engineering-Comprehensive/dp/1484261925

  3. Malware Analyst’s Cookbook https://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033

  4. Reversing: Secrets of Reverse Engineering https://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817

  5. (Threat Intel Book) Operationalizing Threat Intelligence https://www.amazon.com/Operationalizing-Threat-Intelligence-operationalizing-intelligence/dp/1801814686

Blogs:

  1. https://n1ght-w0lf.github.io/

  2. https://farghlymal.github.io/

  3. https://dr4k0nia.github.io/

  4. https://t.co/b2pPNUs5tc

  5. https://t.co/0MmaO0sits

  6. https://t.co/FWLPHDgLAJ

  7. https://forensicitguy.github.io/

  8. https://squiblydoo.blog/blog/

  9. https://blog.bushidotoken.net/

  10. https://t.co/Foaierv2hu

  11. https://t.co/f6I7ZPWGM7

  12. https://protectedmo.de/brute.html

  13. https://t.co/Z6AlMCeCzS

  14. https://t.co/i4OjTGjLcL

  15. https://russianpanda.com/2023/06/28/Meduza-Stealer-or-The-Return-of-The-Infamous-Aurora-Stealer/

  16. https://exploitreversing.com/ - really good malware blogs

  17. http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html?m=1

  18. https://cyb3rkitties.github.io/posts/malware-analysis-reverse-engineering-beginner-study-plan/

  19. https://squiblydoo.blog/2023/06/05/understanding-pe-bloat-with-malcat/

  20. https://legend.octopuslabs.io/sample-page.html

  21. https://gitlab.com/39iosdev/ccd-iqt/idf/C-Programming

  22. https://vxug.fakedoma.in/

  23. https://github.com/guyinatuxedo/nightmare

  24. https://zeltser.com/malicious-software/ —Author of GREM (Great blog)

RE Microsoft Defender

https://github.com/0xAlexei/WindowsDefenderTools

RECON-BRX-2018-Reverse-Engineering-Windows-Defender-s-JavaScript-Engine.pdf

us-18-Bulazel-Windows-Offender-Reverse-Engineering-Windows-Defenders-Antivirus-Emulator.pdf

Malware/RE Practice Ranges

  1. RE malware source code and samples (VXUnderground)

    1. https://github.com/vxunderground/MalwareSourceCode

    2. https://github.com/vxunderground/VX-API

  2. Malware Zoo with a large collection of malware in a single python database

  3. https://github.com/ytisf/theZoo

  4. https://malwiki.org/index.php

  5. Flare-On CTF collections

  6. https://flare-on.com/

  8. https://cyberdefenders.org/

Tools

  1. https://malcat.fr/

  2. Flare-VM https://github.com/mandiant/flare-vm

  3. Binary Ninja

    1. https://binary.ninja/

Security Research Groups Within Companies:

Tyto athene

Cisco Talos

Palo Alto Unit42

Mandiant

CrowdStrike

Carbon Black

Google project zero

Last updated