Pentesting Quick Reference OSCP and Beyond
  • Basic Tools & Techniques
  • Linux Basics
  • Windows Basics
  • Shells
  • Uploading Shells/ Transferring Files
  • FootPrinting
  • Host Discovery
  • Scanning
  • Vulnerability assessment
  • Metasploit and Meterpreter
    • Payloads
  • Brute Forcing/ Password Cracking
    • Attacking LSASS Passwords
    • Credentials Hunting Windows
    • Credential Hunting in Linux
    • Passwd, Shadow & Opasswd
    • Pass the Hash (PtH)
    • Protected Files
    • Protected Archives
    • Password Policies
    • Password Managers
    • Breached Credentials
  • Linux Remote Management Protocols
  • Windows Remote Management Protocols
  • Port 20/21 - FTP Pentesting
  • Port 23 Telnet
  • Port 25 - SMTP
  • IMAP/ POP3
  • Port 53 DNS
  • Port 445 - SMB
  • Port 111 -RPC Bind
  • Port 135 - RPC
  • Port 137 NetBios
  • Port 161 SNMP
  • Port 1433 - MSSQL
  • Port 1521 Oracle TNS
  • Port 1833 - MQTT
  • Port 2049 - NFS
  • Port 3306 MySQL
  • Port 3389 - RDP
  • Port 5985 - Winrm
  • Port 632 (UDP) IPMI
  • Redis (6379)
  • Port 10000 Webmin
  • Privilege Escalation
    • Windows Priv esc
    • Linux Priv esc
  • Active Directory
    • AD Basics
      • AD Management Basics
    • Initial Enumeration of AD
      • Enumerating AD Users
    • Password Spraying
      • Enumerating & Retrieving Password Policies
      • Password Spraying - Making a Target User List
      • Internal Password Spraying - from Linux
      • Internal Password Spraying - from Windows
      • Enumerating Security Controls
    • LLMNR Poisoning
    • SMB/ NTLM Relay Attacks
    • Pass the Ticket
      • Pass the Ticket (PtT) from Windows
      • Pass the Ticket (PtT) from Linux
    • AD Shell
    • AD Enumeration
      • Credentialed Enumeration - from Linux
      • Credentialed Enumeration - from Windows
      • Living off the Land
    • AS-REP roasting
    • Kerberosting
      • Kerberos "Double Hop" Problem
    • Access Control List (ACL) Abuse Primer
      • ACL Enumeration
      • ACL Abuse Tactics
      • DCSync
        • DCSync Example Forest HTB
    • BloodHound
    • Bloodhound CE
    • Privilege Escaltion
    • Bleeding Edge Vulnerabilities
    • Miscellaneous Misconfigurations
    • Attacking Active Directory & NTDS.dit 1
    • Domain Trusts
      • Attacking Domain Trusts - Child -> Parent Trusts - from Windows
      • Attacking Domain Trusts - Child -> Parent Trusts - from Linux
      • Attacking Domain Trusts - Cross-Forest Trust Abuse - from Windows
      • Attacking Domain Trusts - Cross-Forest Trust Abuse - from Linux
    • Hardening Active Directory
    • Additional AD Auditing Techniques
    • HTB AD Enumeration & Attacks - Skills Assessment Part I
  • Web Pentesting
    • Subdomains, directories and Vhost listing
    • Command Injection
    • XSS
    • SQL Injection
    • Authentication Bypass
  • Cryptography
  • More Resources
  • Forensics
  • IoT Security
  • API Security
  • Binary Exploitation
    • Assembly Cheatsheat for Hackers
    • Malware Analysis
      • Basic Static Malware Analysis
  • Boxes/ Machines
    • Try Hack Me
      • Vulnversity
      • Basic Pentesting
      • Kenobi
      • Steel Mountain
    • Vulnhub
      • Tiki
    • HTB
      • Beep
      • Active
      • Forest
      • Devel
    • Metasploitable 2
    • PWN.COLLEGE Talking Web
    • PWN COLLGE Web Hacking
  • Private Challenges
    • Pwn
    • Forensics
  • Misc tools
    • NetExec
  • SOC Analyst Resources
  • OSCP Tips and Misc
  • Mobile Hacking
  • Buffer Overflow
  • Wordpress
  • Web3 and Blockchain Security
  • WIFI Hacking
    • WPS Hacking
    • Misc Tools
Powered by GitBook
On this page
  • Youtube Videos Crash courses
  • Curated Resources
  • Complete resource list
  • C++
  • Youtube Videos
  • Most Important
  • Malware samples
  1. Binary Exploitation

Malware Analysis

PreviousAssembly Cheatsheat for HackersNextBasic Static Malware Analysis

Last updated 1 year ago

Youtube Videos Crash courses

Curated Resources

For a better overview, I have assembled a bunch of resources for you. You don't have to use all of them, but make sure to check out what you would like to learn.

Overview: hasherezade's (very respected Reverse Engineer) overview page about getting started (Tools, environments, base knowledge)

Beginner Courses: Z0F Course:

Tyler Hudak's 4-part series on RE (Highly recommended!):

Malware Unicorn's RE 101 course:

Assembly: An absolute classic introduction on RE by Dennis Yurichev that introduces you to a number of different architectures:

Azeria Lab's ARM course (great if you want to know more about ARM):

Complete resource list

C++

I'd also like to mention that you should work on your C/C++ knowledge while you're learning RE. You don't have to be an absolute master at it, but some basic knowledge is important. If you want to see some recommended sources for C/C++:

Recommended C Booklist: https://stackoverflow.com/questions/562303/the-definitive-c-book-guide-and-list

Recommended C++ Booklist: https://stackoverflow.com/questions/388242/the-definitive-c-book-guide-and-list

Good online resource for C++: https://www.learncpp.com/

General Computing/Low-Level stuff: The OSdev wiki is an amazing resource for everything concerning low-level. You have hours upon hours of reading material here. https://wiki.osdev.org/Main_Page

Youtube Videos

Most Important

Malware samples

LogoIntroduction - Nightmare
looks promising
LogoReverse Engineering challenges
along with beginners.re
A dive into the PE file format - Introduction0xRick's Blog
for pe file structure
LogoCNIT 126: Practical Malware Analysis -- Sam Bowne
Best as university lectures using the practical malware analysis book
LogoHow You Can Start Learning Malware AnalysisLenny Zeltser
Basics
LogoHow to start RE/malware analysis?hasherezade's 1001 nights
Logo"Reverse Engineering for Beginners" book
LogoReverse Engineering 101malwareunicorn
LogoGitHub - 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.GitHub
LogoGitHub - 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.GitHub
LogoGitHub - 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.GitHub
LogoWriting ARM Assembly (Part 1)Azeria-Labs
Logoawesome-reverse-engineering/Readme_full_en.md at master · alphaSeclab/awesome-reverse-engineeringGitHub
LogoBinary Analysis CourseMax Kersten
LogoArchitecture 1001: x86-64 Assembly
LogoIntroduction · Reverse Engineering
LogoWelcome to pwn.college!pwn.college
LogoCTF/pwn/binary_exploitation_101 at main · Crypto-Cat/CTFGitHub
Logovx-underground