PRACTICES

The document provides a comprehensive list of free downloadable tools required for a course, including Upx, Explorer Suite, and Wireshark, along with their respective download links. It also outlines various practical exercises related to malware analysis, coding, and DLL analysis, specifying the resources and tools needed for each practice. Each practice focuses on different aspects of malware handling, such as file type identification, fingerprinting, and keylogger detection.

Uploaded by

BH O

Free downloadable tools we’ll need on this course

1. UPX, [Link]
2. Explorer Suite (CFF Explorer) [Link]
3. PE Studio [Link]
4. BinText [Link]
5. FLOSS [Link]
6. ssdeep [Link]
7. Sysinternals Suite (Autoruns, Procmon), [Link] us/sysinternals/downloads/sysinternals-suite
8. Process Hacker [Link]
9. Microsoft Visual Studio [Link] downloading-visual-studio/?sku=Community&rel=16. Visual Studio is pretty much a plug-and-play installation, but make sure you install this:

If you forgot, just use Visual Studio Installer to add both components.
10. Python [Link]
11. Noriben [Link]
12. IDA Pro free version [Link] [Link]/products/ida/support/download_freeware/
13. x32dbg [Link] (it downloads both versions, 32 and 64)
14. Windows 10, 90-day trial -> [Link] windows-10-enterprise
15. Ubuntu or Kali Linux (we’ll use Kali, recommended), Ubuntu -> [Link] [Link]/releases/18.04.2/
    Kali Linux -> [Link]
16. VirtualBox -> [Link]
17. INetSim software -> [Link]
18. INetSim official install instructions -> [Link]
19. Wireshark: [Link]
20. .NET Reactor [Link]

PRACTICES

Practice 1
Title: File Type
Malware: [Link]
Free tools: PE Studio, CFF Explorer
Web sites: trID, Hexadecimal converter, Portable Executable (PE) format

Practice 2
Title: Fingerprinting
Malware: [Link]
Free tools: PE Studio, CFF Explorer, ssdeep
Web sites: Online hash generator

Practice 3
Title: Strings
Malware: [Link]
Free tools: floss64, BinText

Practice 4
Title: Obfuscation
Malware: [Link]
Free tools: IDA Pro free version, UPX, CFF Explorer

Practice 5
Title: Catching Keylogger
Malware: [Link]
Free tools: Autoruns, PE Studio

Practice 6
Title: Catching Keylogger traffic 1/2
Malware: [Link]
Free tools: CFF Explorer, PE Studio, BinText, Wireshark, INetSim (installation in section: Setting up the Lab)

Practice 7
Title: Catching Keylogger traffic 2/2
Malware: [Link]
Free tools: Process Hacker, INetSim (installation in section: Setting up the Lab), Procmon

Practice 8
Title: Coding remote DLL injection
Malware: Inject7 source code, [Link]
Free tools: Microsoft Visual Studio, Process Hacker

Practice 9
Title: Coding malware into DLLs
Malware: dll4 source code
Free tools: Microsoft Visual Studio

Practice 10
Title: DLL analysis with rundll32
Malware: dll4 source code, dll8 source code
Free tools: Microsoft Visual Studio, Process Hacker, CFF Explorer, rundll32 (native Windows tool)

Practice 11
Title: DLL analysis with x32dbg
Malware: [Link]
Free tools: Microsoft Visual Studio, x32dbg

Practice 12
Title: DLL analysis combining x32dbg, rundll32 and Procmon
Malware: [Link]
Free tools: Microsoft Visual Studio, x32dbg, Procmon, rundll32 (native Windows tool)

Practice 13
Title: DLL analysis with Noriben
Malware: [Link]
Free tools: Python, Noriben, Procmon, rundll32 (native Windows tool)

Practice 14
Title: Keylogger TotalAware3 code review
Malware: TotalAware3 source code
Free tools: Microsoft Visual Studio
Web sites: Virtual key codes, ASCII table

Practice 15
Title: TotalAware2 Facebook spy module
Malware: TotalAware2 source code
Free tools: Microsoft Visual Studio

Practice 16
Title: TotalAware2 keyboard listener
Malware: TotalAware2 source code
Free tools: Microsoft Visual Studio

Practice 17
Title: Rams1 code review
Malware: Rams1 source code
Free tools: Microsoft Visual Studio

Practice 18
Title: DecryptRams1 code review
Malware: DecryptRams1 source code
Free tools: Microsoft Visual Studio

Practice 19
Title: Catching Rams1 with Wireshark
Malware: [Link]
Free tools: Microsoft Visual Studio, INetSim (installation in section: Setting up the Lab), Wireshark

Practice 20
Title: Adding complexity layers to Rams1 2/2
Malware: [Link]
Free tools: .NET Reactor
Web sites: VirusTotal
