CS7038-Malware-Analysis Course Repository for University of Cincinnati

I just wanted to share this really good resource.

Course Repository for University of Cincinnati Malware Analysis Class (CS7038)

Note: this material is constantly changing, please visit http://class.malware.re/ for the latest updates and information.

Introduction to Malware Analysis and Reverse Engineering

CS7038 Malware Analysis
Department of Electrical Engineering and Computing Systems
College of Engineering and Applied Science
University of Cincinnati

Meets every Tue/Thu in 645 BALDWIN HALL @ 3:30PM-4:50PM

Want to participate? Apply to Graduate School here.

This class will introduce CS graduate students to malware concepts, malware analysis, and black-box reverse engineering techniques. The target audience is computer science graduate students or undergraduate seniors without prior cyber security or malware experience. It is intended to introduce the students to types of malware, common attack recipes, some tools, and a wide array of malware analysis techniques.

In general, if you’ve taken the following courses, you should have a good foundation for the class:
CS4029/6029 - Operating Systems
CS2029 - Data Structures

Course syllabus
Syllabus (subject to change)

Lectures/notes (from 2018 class)
2018-04-03 - Debugging and VM Detection (lecture)
2018-03-20 - Document Format Analysis (lecture)
2018-02-22 - Malware Research Online (lecture)
2018-02-20 - Code-based Yara String Matching (lecture)
2018-01-25 - Container Model for Streams/Files and Deconstructing the Attack (lecture)
2018-01-18 - VirtualBox Lab Example Attacks & Analysis (lecture)
2018-01-16 - VirtualBox Lab Setup and Crash Course II (lecture)

Lectures/notes (from prior classes)
2017-03-07 - Analysis of PDF Documents (lecture)
2017-03-02 - Analysis of Complex Data Structures (lecture)
2017-02-28 - Numeric Data Encoding, Arrays, and Memory Analysis (lecture)
2017-02-23 - Demo of Static Code Analysis Using Objdump, IDA Free, and Yara (lecture)
2017-02-21 - Demo of Static Analysis Using Strings (lecture)
2017-02-14 - Assembly Language Crash Course (Pt. 2), A Deeper Dive (lecture)
2017-02-09 - Assembly Language Crash Course (Pt. 1) (lecture)
2017-02-07 - Static Analyzers (Yara, vscan, ClamAV) (lecture)
2017-02-02 - Applying Static Analysis (lecture)
2017-01-31 - Static Analysis Introduction (lecture)
2017-01-26 - Malware Research Online (lecture)
2017-01-24 - Malware Taxonomy and Terminology (lecture)
2017-01-19 - Analyzing the Attack With Basic Tools (lecture)
2017-01-17 - Attack Introduction (lecture)
2017-01-12 - VirtualBox Lab Setup and Crash Course (lecture)
2017-01-10 - Introduction to Course and VirtualBox (lecture)

Assignments
Final: Malware Analysis Report (Due: Saturday, 2018-04-28 11:55PM)
HW04: Dynamic Malware Monitoring (Due: Sunday, 2017-04-22 11:55PM)
HW03: Yara Binary Code Analysis (Due: Sunday, 2017-03-25 11:55PM)
HW02: Yara Static Analysis Using Strings, Observables (Due: Sunday, 2018-03-18 11:55PM)
HW01: VM Setup, Virtual Networking, Traffic Capture (Due: Thursday, 2018-02-15 11:55PM)

Assignments (old)
Final: Malware Analysis Report (Due: Friday, 2017-04-28 11:55PM)
HW05: Yara Binary Code Analysis (Due: Sunday, 2017-04-23 11:55PM)
HW04: Yara Static Analysis Using Strings, Observables (Due: Sunday, 2017-04-23 11:55PM)
HW03: Static Analysis Utility (Due: Thursday, 2017-03-02 11:55PM)
HW02: Kali Metasploit Experiment (Due: Tuesday, 2017-02-21 11:55PM)
HW01: VM Setup, Virtual Networking, Traffic Capture (Due: Thursday, 2017-02-16 11:55PM)

Other videos on malware I’ve done
Malware Analysis on a Budget - Discussion of malware analysis tools and research projects out in the open-source community
MalwareDNA - Talk about an instruction-analysis technique I devised in 2013

Recommended Resources
Adventures in Security (http://securitykitten.github.io/) - Nick Hoffman: A colleague, former coworker, and friend
Secured.org Blog (http://amanda.secured.org/) - Amanda Rousseau, Malware Research for Endgame
Secured.org RE101 (https://securedorg.github.io/RE101/) - Amanda Rousseau, RE101 course for 2017 WiCyS Conference
contagio malware dump (http://contagiodump.blogspot.com/) - A malware analysis and artifact sharing blog started by Mila
tuts4you (https://tuts4you.com/download.php) - RE tutorials, documentation, and other stuff
RPI Malware Analysis Course - Malware Analysis course at Rensselaer Polytechnic Institute
theZoo - A repository of LIVE malware, and navigation CLI
Awesome Security Talks (github repository) - A long list of videos related to various security topics from conferences, going back to 2013
Malware Analyzer - Reviews a bunch of malware analysis utilities

Visit http://class.malware.re/