Welcome back, aspiring cyberwarriors! In Greek mythology, Medusa was once a beautiful woman until Athena’s curse transformed her into a winged creature with a head full of snakes. She is seen as both a monster and a protector, possessing the power to turn anyone who gazes upon her face to stone. Ransomware groups often adopt […]
Continue Reading
Process injection is one of those stealthy techniques malware loves to use to stay under the radar. By injecting malicious code into legitimate processes, attackers can hide in plain sight, making detection a real challenge. In this post, I’ll walk you through an actual malware sample that uses process injection, breaking down how it works. […]
Continue Reading
Ransomware is always evolving, and Cactus is no exception. When I came across this sample, I knew it was worth a closer look. It’s built to obfuscate, encrypt, and evade, but like any malware, it leaves behind clues. In this series, I’ll walk you through the process of analyzing Cactus ransomware, starting with static analysis. […]
Continue Reading
In this series, we are examining how to reverse engineer malware to understand how it works and possibly re-purposing it. Hackers and espionage agencies such as the CIA and NSA, regularly re-purpose malware for other purpose. Previously, we looked at the basics of IDA Pro, the most widely used disassembler in our industry. In this […]
Continue Reading
Welcome back, my aspiring cyber warriors! There are a number of excellent tools available to use in the field of reverse engineering (see Reverse Engineering, Part 3: Getting Started with IDA Pro and Part 5: Getting Started with OllyDbg ), but now we have an excellent new option known as Ghidra. Ghidra was developed by […]
Continue Reading
Welcome back, my aspiring malware analysts! In previous tutorials here, I have demonstrated the power of such reversing and disassembly tools as Ollydbg, IDAPro and Ghidra. In this tutorial I’d like to share and demonstrate a few simpler tools that you are certain to want to have in your malware analysis toolbox. Each of these […]
Continue Reading
In this series, we are examining how to reverse engineer malware to understand how it works and possibly re-purposing it. Hackers and espionage agencies such as the CIA and NSA, regularly re-purpose malware for other purpose. Previously, we looked at the basics of IDA Pro, the most widely used disassembler in our industry. In this […]
Continue Reading
Welcome back, my aspiring cyber warriors! Reverse engineering is one of the most highly sought and most valuable cybersecurity/infosec skills. Few people have developed their skill levels to be proficient in this highly sought after skill. Ghidra is a relatively new and free reverse engineering tool from the US spy agency, NSA. In this tutorial, […]
Continue Reading
In my introductory article in this new series, I attempted to lay out the merits of why you should study Reverse Engineering Malware. I’m hoping that you found that argument compelling enough that you have come back and are ready to dedicate yourself to this exciting discipline. I’m sure your hard work and dedication will […]
Continue Reading
Welcome back, my aspiring cyber warriors! Reverse engineering malware is among the highest-level skill sets in our discipline and it’s salaries reflect elevated position in the cyber security ecosystem. It requires years of diligent study to become proficient and this is good place to start. If you have not yet done so, go back and […]
Continue Reading
Build a Strong Foundation in Cybersecurity with the Cybersecurity Starter Bundle, which now includes:
DIGITAL FORENSICS AND ANTI-FORENSICS
Only $189!
If you purchased all this material separately it would cost over $1,000
Unlock access to Linux, Networking, Sec+ 701 certification, Radio Basics, Python, Wi-Fi Hacking, Remaining Anonymous, Cryptography, Wireshark, Nmap and more! Master OTW’s upcoming book Python Basics for Hackers and his best selling books Linux Basics for Hacker and Network Basics for Hackers are also included.
WIN A FREE 3-YEAR TRAINING PACKAGE
