The Malware Mega Thread.
#61
I recently found out about https://www.hoppersroppers.org/rootkit.html , this is a website where multiple courses regarding low-level security in general are provided for free. The one I linked looked most promising to me, this is the description:
Quote:Fundamentals of Linux Implant Development
Learn C and Malware Analysis By Writing a Clone of Turla's Linux Backdoor

Clone a 20 year old rootkit to gain an in-depth understanding of Linux internals along with the basics of malware functionality, detection, counter-measures, and reverse-engineering.
I only skimmed through some parts so far but it looks interesting to me, maybe someone else will find a useful course on this website.
#62
(02-27-2021, 11:07 AM)chios Wrote: I recently found out about https://www.hoppersroppers.org/rootkit.html , this is a website where multiple courses regarding low-level security in general are provided for free. The one I linked looked most promising to me, this is the description:
Quote:Fundamentals of Linux Implant Development
Learn C and Malware Analysis By Writing a Clone of Turla's Linux Backdoor

Clone a 20 year old rootkit to gain an in-depth understanding of Linux internals along with the basics of malware functionality, detection, counter-measures, and reverse-engineering.
I only skimmed through some parts so far but it looks interesting to me, maybe someone else will find a useful course on this website.

Thank you for your contribution, I'll definitely be checking it out. In fact I might distill the essence of what they're talking about into a single article/thread if it seems worthwhile after giving it a read. Added benefit is then that I can convert the thread to PDF format to mirror the resource at our GitHub organization.
#63
Anyone have any resources concerning drive-by downloads? I am trying to collect as many as I can to mirror over at our GitHub Organization.
#64
(12-27-2017, 11:23 PM)Insider Wrote: Great thread Vector! Nice initiative. Malware analysis / RE is some deep-water stuff. Well at least for reverse engineering I'd say so. Probably helps to have a deep understanding of the compiler, assembler etc. So don't think I would blame any newbies for being a bit insecure, leaving no replies on your thread :p But rest assured, your efforts and contributions are appreciated regardless by me and by everyone else! For sure.

In addition to the resources you added to the thread. Here's some of my "information dumps".

Book: Malware Analysis For Beginners (Part 1)
This is a very beginner friendly book for malware analysis. I would recommend it for anyone who's completely new to the concept, let alone the concept of virtual machines.
Download: https://dl.packetstormsecurity.net/paper...Part_I.pdf

Book: Crypters & Binders Handbook.
Friend of a friend made this book on some of our parent forums in the past. Not sure why she took it down from her GitHub. But my opinion is that information should be free. Luckily I have a copy of this ebook. I really recommend it if you need a better understanding on how basic crypters & binders work. And hopefully you should be able to write your own some day and stop relying on others. Download below.
Download: https://nofile.io/f/Kc43X824NNW/crypters.pdf

Some of my own threads:
Reverse Engineering Complete, free Book: https://greysec.net/showthread.php?tid=37
Reverse Engineering 101 + 102: https://greysec.net/showthread.php?tid=2487

Tools:
Malware Analysis Tools Pack "MAP": https://github.com/dzzie/MAP

The Book: Crypters & Binders Handbook link is dead, do you have the file? If yes, please share it.
#65
(03-07-2021, 07:48 AM)arvi Wrote:
(12-27-2017, 11:23 PM)Insider Wrote: Great thread Vector! Nice initiative. Malware analysis / RE is some deep-water stuff. Well at least for reverse engineering I'd say so. Probably helps to have a deep understanding of the compiler, assembler etc. So don't think I would blame any newbies for being a bit insecure, leaving no replies on your thread :p But rest assured, your efforts and contributions are appreciated regardless by me and by everyone else! For sure.

In addition to the resources you added to the thread. Here's some of my "information dumps".

Book: Malware Analysis For Beginners (Part 1)
This is a very beginner friendly book for malware analysis. I would recommend it for anyone who's completely new to the concept, let alone the concept of virtual machines.
Download: https://dl.packetstormsecurity.net/paper...Part_I.pdf

Book: Crypters & Binders Handbook.
Friend of a friend made this book on some of our parent forums in the past. Not sure why she took it down from her GitHub. But my opinion is that information should be free. Luckily I have a copy of this ebook. I really recommend it if you need a better understanding on how basic crypters & binders work. And hopefully you should be able to write your own some day and stop relying on others. Download below.
Download: https://nofile.io/f/Kc43X824NNW/crypters.pdf

Some of my own threads:
Reverse Engineering Complete, free Book: https://greysec.net/showthread.php?tid=37
Reverse Engineering 101 + 102: https://greysec.net/showthread.php?tid=2487

Tools:
Malware Analysis Tools Pack "MAP": https://github.com/dzzie/MAP

The Book: Crypters & Binders Handbook link is dead, do you have the file? If yes, please share it.

I have it mirrored as a GreySec thread here: https://greysec.net/showthread.php?tid=6814
But let me know if you prefer PDF format and I may be able to dig it up.