Intro
"is the process of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted information" [1]
- Take things apart to figure out how they work
- Love puzzle solving
- Develop experiments and tools
- Think outside the box
- Constantly learn new things
- Determine what the goals are
  - Get to just what you need, or
  - Know enough to recreate it
- Use reconnaissance and triage skills to determine a target starting point
- Work step by step to get to your goals
- Record your findings throughout the analysis
- Set up a baseline analysis environment
- Triage to determine a starting point
- Static Analysis - Get a sense of where everything is before debugging
- Dynamic Analysis - Determine behaviors that can’t be understood by static analysis
- Manual Debugging - Stepping through the program to navigate to your goals