Hi Jason,

This is something I saved from a recent reddit thread - unfortunately I've since lost the link on the discussion but here's the text.

>
> I've taught myself everything I need to know to do decent static analysis.
> I'm still a beginner, but learn more every day.
> I'm a networking student, i.e. no programming other than high-level
> scripting, no low-level understanding of operating systems, no
> understanding of encoding, and no understanding of advanced maths.
> My starting level was literally 0.
> I'll tell you exactly what my path of learning was.
> 1) Buy the Practical Malware Analysis book.
> 2) Read the first few chapters (basic static and dynamic analysis).
> 3) Get to the "A crash course in assembly" chapter. In my case I couldn't
> even understand a single x86 instruction. This chapter is a crash course,
> so this was not clear enough for a beginner like me. I spent a few weeks
> reading many websites for x86 guides. The amazing thing I discovered was
> that assembly is terribly easy to understand. The main problem is that all
> sources I found were boring or overcomplicating things (maybe because of my
> lack of low-level understanding..).
> 4) At this point I was able to read assembly. I found an amazing video
> series: http://www.youtube.com/watch?v=wqGepeYntFo. This video series
> taught me how to recognize high-level programming structures in
> assembly (this obviously makes malware analysis a lot easier).
> After you fully understand the bomb.exe exercises (Now I think about it, I
> may have only done day 1 of the series) from the video series, you are at a
> competent level for reverse engineering.
> 5) Continue reading the book. You will learn more about
> disassemblers (IDA Pro) and debuggers (OllyDbg and WinDbg).
> 6) To practice debugging, I spent a few weeks doing "crackme's". These are
> little cracking challenges. Try not to use IDA Pro at all for these.
> 7) At the moment I'm creating programs in C++ using the Windows API. And
> at the same time learning more about cryptography (by creating decoders in
> C++ and assembly).
> Of course your path will be different, but I hope this step-by-step guide
> will give you a general idea.

Hope this helps,
Scott

Scott Runnels

On Thu, Apr 25, 2013 at 6:43 AM, Jason Long <[email protected]> wrote:
> Hello Folks.
> Can you offer me some information about Malware analysis? How can I do it?
> Can you show me a book in this field?
>
> Cheers.
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
