numberwhun · April 15, 2024 04:38
diff --git a/Malware Analysis Tips and other Pentesting Links b/Malware Analysis Tips and other Pentesting Links
 Books to look for:
 http://www.barnesandnoble.com/w/a-bug-hunters-diary-tobias-klein/1110853653?ean=9781593273859
 http://www.barnesandnoble.com/w/malware-forensics-cameron-h-malin/1111450972?ean=9781597492683
 http://www.barnesandnoble.com/w/hacking-web-apps-mike-shema/1110781208?ean=9781597499514
 http://www.barnesandnoble.com/w/professional-penetration-testing-thomas-wilhelm/1117354019?ean=9781597499934
 http://www.barnesandnoble.com/w/the-hackers-guide-to-os-x-robert-bathurst/1111893150?ean=9781597499507
 http://www.barnesandnoble.com/w/carry-on-bruce-schneier/1115806332?ean=9781118790816
 http://www.barnesandnoble.com/w/phishing-dark-waters-christopher-hadnagy/1120616529?ean=9781118958476
 http://www.barnesandnoble.com/w/network-security-through-data-analysis-michael-collins/1117219990?ean=9781449357900
 http://www.barnesandnoble.com/w/practical-reverse-engineering-bruce-dang/1118229651?ean=9781118787311
 http://www.barnesandnoble.com/w/malware-analysts-cookbook-and-dvd-michael-ligh/1100320092?ean=9780470613030
 http://www.barnesandnoble.com/w/web-application-hackers-handbook-dafydd-stuttard/1100319250?ean=9781118026472

 AWESOME Repo Links:
 https://github.com/onlurking/awesome-infosec
 https://github.com/enaqx/awesome-pentest
 https://github.com/paragonie/awesome-appsec
 https://github.com/rshipp/awesome-malware-analysis
 https://github.com/apsdehal/awesome-ctf
 https://github.com/sbilly/awesome-security
 https://github.com/infoslack/awesome-web-hacking
 https://github.com/Friz-zy/awesome-linux-containers
 https://github.com/vinta/awesome-python
 https://github.com/bayandin/awesome-awesomeness    (A list of Awesome lists)
 https://github.com/paralax/awesome-honeypots
 https://github.com/carpedm20/awesome-hacking



 Malware RE isn't really all that much voodoo as it seems, you take the executable and break it down into steps.
 First check out the PE headers and find what strings you can, characteristics. Figure out if the malware is packed or not.
 A quick and dirty way to get an idea of what it does it run it with certain tools on the system and a linux box to intercept all network communications. This is called behavioral analysis.
 After that you can load it into a disassembler like IDA Pro and start looking for interesting functions or windows API calls. Things like WriteFile, VirtualAllocEx, ReadFile then figure out that they are doing.
 After that you can take it into your debugger (I like OllyDbg) and set some breakpoints at interesting functions to see what the malware is doing in the stack. Like I said, its not voodoo once you look into it further.
 Creating the malware is a whole different story and outside my skill set. In fact I hate programming and know only high level programming, basically I can interpret code and what it wants to do. But I have an easier time reading Assembly (lol) than something like C++. But coding malware is just like coding anything else, design it for what you want it to do and get to work. Stuff like Stuxnet had probably at a minimum 10 extremely talented coders behind it.

 Here is a great list of learning sources:

 Free:
 Cybrary.it Malware Analysis Course - Free - https://www.cybrary.it/course/malware-analysis/
 Opensource Malware Analysis Course - Free - https://github.com/RPISEC/Malware
 Dr. Fu's Malware Analysis Course - Free - http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html?m=1
 OpenSecurityTraining.info - Free - http://opensecuritytraining.info/Welcome.html

 Links:
 http://www.pentest-standard.org/index.php/Main_Page
 https://www.exploit-db.com/


 Pay Courses:
 SANS FOR610 Reverse Engineering and Malware Analysis - Expensive - https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques

 Books:
 Practical Malware Analysis - http://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_1?ie=UTF8&qid=1453306529&sr=8-1&keywords=practical+malware+analysis
 Practical Reverse Engineering - http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=tmm_pap_title_0?_encoding=UTF8&qid=&sr=
 Malware Analyst's Cookbook - http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=tmm_pap_title_0?_encoding=UTF8&qid=&sr=
 ----------------------------------------------------

 Pentesting Info

 A quote of some things to really know to be a pentester:

    OWASP Top 10 (what they are, how to exploit, how to fix, etc)
    CIA Triad (or pyramid or whatever the slang term is)
    OSI Model
    shit ton of networking stuff
    some low-level exploitation knowledge (buffer overflows, format strings, etc.)
    solid writing skills


 Misc Links:
 https://github.com/isislab/Hack-Night/tree/master/2014-Fall

 Wireless Penetration Testing Seried by Hak5:  https://www.youtube.com/watch?v=lUfLCko6GU4&feature=youtu.be
 Hak5's Youtube Page: https://www.youtube.com/channel/UC3s0BtrBJpwNDaflRSoiieQ
 A Youtube channel on using Metasploit:  https://www.youtube.com/playlist?list=PL8JzjH888lZUC09-L_mHnqZP3x8hyeLZh
 OSI Model:  http://www.webopedia.com/quick_ref/OSI_Layers.asp

 Wargames Sites:
   http://smashthestack.org/
   http://overthewire.org/wargames/

 From user 'blackhatlinux' on Reddit:
 Here are some things that I recommend you

    Have a glance at the sidebar and the wiki. We put a lot of time and effort into these things, so make sure you visit the links

    Take a look at something like the OSI model. It is a conceptual framework that will help you better understand the interactions between layers

    RTFM. I cannot stress this enough. Read the docs. Read the instructions. This is what helps you learn what a tool does, how it works, what its functions are, etc.

    Play some wargames. Wargames are games where you are able to use problem-solving skills and tools to pass levels. Smash the stack and over the wire are some good ones.

    Ask some questions on the IRC (link in sidebar). The IRC is welcoming to newcomers with valid questions.
	Books to look for:
	http://www.barnesandnoble.com/w/a-bug-hunters-diary-tobias-klein/1110853653?ean=9781593273859
	http://www.barnesandnoble.com/w/malware-forensics-cameron-h-malin/1111450972?ean=9781597492683
	http://www.barnesandnoble.com/w/hacking-web-apps-mike-shema/1110781208?ean=9781597499514
	http://www.barnesandnoble.com/w/professional-penetration-testing-thomas-wilhelm/1117354019?ean=9781597499934
	http://www.barnesandnoble.com/w/the-hackers-guide-to-os-x-robert-bathurst/1111893150?ean=9781597499507
	http://www.barnesandnoble.com/w/carry-on-bruce-schneier/1115806332?ean=9781118790816
	http://www.barnesandnoble.com/w/phishing-dark-waters-christopher-hadnagy/1120616529?ean=9781118958476
	http://www.barnesandnoble.com/w/network-security-through-data-analysis-michael-collins/1117219990?ean=9781449357900
	http://www.barnesandnoble.com/w/practical-reverse-engineering-bruce-dang/1118229651?ean=9781118787311
	http://www.barnesandnoble.com/w/malware-analysts-cookbook-and-dvd-michael-ligh/1100320092?ean=9780470613030
	http://www.barnesandnoble.com/w/web-application-hackers-handbook-dafydd-stuttard/1100319250?ean=9781118026472

	AWESOME Repo Links:
	https://github.com/onlurking/awesome-infosec
	https://github.com/enaqx/awesome-pentest
	https://github.com/paragonie/awesome-appsec
	https://github.com/rshipp/awesome-malware-analysis
	https://github.com/apsdehal/awesome-ctf
	https://github.com/sbilly/awesome-security
	https://github.com/infoslack/awesome-web-hacking
	https://github.com/Friz-zy/awesome-linux-containers
	https://github.com/vinta/awesome-python
	https://github.com/bayandin/awesome-awesomeness (A list of Awesome lists)
	https://github.com/paralax/awesome-honeypots
	https://github.com/carpedm20/awesome-hacking



	Malware RE isn't really all that much voodoo as it seems, you take the executable and break it down into steps.
	First check out the PE headers and find what strings you can, characteristics. Figure out if the malware is packed or not.
	A quick and dirty way to get an idea of what it does it run it with certain tools on the system and a linux box to intercept all network communications. This is called behavioral analysis.
	After that you can load it into a disassembler like IDA Pro and start looking for interesting functions or windows API calls. Things like WriteFile, VirtualAllocEx, ReadFile then figure out that they are doing.
	After that you can take it into your debugger (I like OllyDbg) and set some breakpoints at interesting functions to see what the malware is doing in the stack. Like I said, its not voodoo once you look into it further.
	Creating the malware is a whole different story and outside my skill set. In fact I hate programming and know only high level programming, basically I can interpret code and what it wants to do. But I have an easier time reading Assembly (lol) than something like C++. But coding malware is just like coding anything else, design it for what you want it to do and get to work. Stuff like Stuxnet had probably at a minimum 10 extremely talented coders behind it.

	Here is a great list of learning sources:

	Free:
	Cybrary.it Malware Analysis Course - Free - https://www.cybrary.it/course/malware-analysis/
	Opensource Malware Analysis Course - Free - https://github.com/RPISEC/Malware
	Dr. Fu's Malware Analysis Course - Free - http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html?m=1
	OpenSecurityTraining.info - Free - http://opensecuritytraining.info/Welcome.html

	Links:
	http://www.pentest-standard.org/index.php/Main_Page
	https://www.exploit-db.com/


	Pay Courses:
	SANS FOR610 Reverse Engineering and Malware Analysis - Expensive - https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques

	Books:
	Practical Malware Analysis - http://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_1?ie=UTF8&qid=1453306529&sr=8-1&keywords=practical+malware+analysis
	Practical Reverse Engineering - http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=tmm_pap_title_0?_encoding=UTF8&qid=&sr=
	Malware Analyst's Cookbook - http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=tmm_pap_title_0?_encoding=UTF8&qid=&sr=
	----------------------------------------------------

	Pentesting Info

	A quote of some things to really know to be a pentester:

	OWASP Top 10 (what they are, how to exploit, how to fix, etc)
	CIA Triad (or pyramid or whatever the slang term is)
	OSI Model
	shit ton of networking stuff
	some low-level exploitation knowledge (buffer overflows, format strings, etc.)
	solid writing skills


	Misc Links:
	https://github.com/isislab/Hack-Night/tree/master/2014-Fall

	Wireless Penetration Testing Seried by Hak5: https://www.youtube.com/watch?v=lUfLCko6GU4&feature=youtu.be
	Hak5's Youtube Page: https://www.youtube.com/channel/UC3s0BtrBJpwNDaflRSoiieQ
	A Youtube channel on using Metasploit: https://www.youtube.com/playlist?list=PL8JzjH888lZUC09-L_mHnqZP3x8hyeLZh
	OSI Model: http://www.webopedia.com/quick_ref/OSI_Layers.asp

	Wargames Sites:
	http://smashthestack.org/
	http://overthewire.org/wargames/

	From user 'blackhatlinux' on Reddit:
	Here are some things that I recommend you

	Have a glance at the sidebar and the wiki. We put a lot of time and effort into these things, so make sure you visit the links

	Take a look at something like the OSI model. It is a conceptual framework that will help you better understand the interactions between layers

	RTFM. I cannot stress this enough. Read the docs. Read the instructions. This is what helps you learn what a tool does, how it works, what its functions are, etc.

	Play some wargames. Wargames are games where you are able to use problem-solving skills and tools to pass levels. Smash the stack and over the wire are some good ones.

	Ask some questions on the IRC (link in sidebar). The IRC is welcoming to newcomers with valid questions.