blog post about malware analysis
parent
894606f9f9
commit
22af4ae626
12
content/blog/2024-08-28-practical-malware-analysis.md
Normal file
|
@ -0,0 +1,12 @@
|
|||
+++
|
||||
title = "I want to learn malware analysis (again)"
|
||||
[taxonomies]
|
||||
tags = ['malware analysis']
|
||||
+++
|
||||
|
||||
The heading says it all: I *really* want to learn malware analysis. Ever since I finalized the [Practical Malware Analysis & Triage](https://academy.tcm-sec.com/p/practical-malware-analysis-triage) course by [TCM Security](https://academy.tcm-sec.com/), I was hooked. I 💚loved💚 the entire course, especially diving deep into binaries, (trying) reverse engineering, debugging. I went through all the material, did the labs and wrote up a report, a (very shallow) static and dynamic analysis of a WannaCry-sample. I found my niche (or so I thought...)
|
||||
|
||||
## Rabbit holes
|
||||
|
||||
One thing that bothered me throughout the course, was the lack of direction and stable ground when investigating and debugging binaries. I found myself stuck reverse engineering functions that were not user written code (C runtime for example). I got close to a particularly interesting part, stepping into and over functions, all to ultimately never reach that goal of finding a specific return value or determining a critical execution flow junction. So I thought to myself: what's the best way to learn how programs work, and flip them inside out? By building them myself! With that motivation, I dove deep back into Python 🐍, thinking, this will be a good starting ground to hop over to C 🖥️ later. But...I think I got stuck at the first step! 🛑 Over the last year, I got really hooked on programming. Some of the stuff I (partially) made:
|
||||
|
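Review bot: The last added line of the post ends on "Some of the stuff I (partially) made:" and the 12-line hunk stops there, so the page would publish with a list introduction and nothing after it. Either add the list items (or the rest of the post) in this commit, or hold the file back until the "Rabbit holes" section is complete. Two smaller wording points in the opening paragraph: "finalized the ... course" probably wants "finished", and "WannaCry-sample" reads better as "WannaCry sample".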