OWASP Bucharest AppSec Conference 2017 Training2

Training

Advanced Malware Analysis is a fast paced, full hands-on course which starts from the very basics of malware analysis and reverse engineering and then moves to advanced analysis of malwares (including malicious exe, js, pdf and word files as well) which then advances to analyze shellcodes, rootkits and ransomwares. Students taking this course will learn the tools and techniques to understand, analyze and defend against modern day malwares.

Syllabus

1. Malware ananlysis fundamentals

• Malware analysis and Reverse Engineering
• Setting up an environment for malware analysis
• Setting up the toolkit to analyze malwares effectively
• Performing basic static analysis
• Performing basic dynamic analysis

2. Advanced Static Analysis

• Revisiting x86 assembly concepts to apply it in malware analysis
• Recognizing key data structures and language constructs in malware
• Recognizing and locating common Windows API functions in malwares
• Understanding and defeating anti-disassembly techniques

3. Advanced Dynamic malware analysis

• Getting used to debuggers and debugging
• Understanding and defeating anti-debugging techniques
• Dealing with packed malwares
• Unpacking packed malwares and challenges in unpacking
• Dumping packed malwares in unpacked state from memory
• Understanding Code injection in depth
• Dissecting file-less malwares

4. Other major types of malware types

• Understanding and dissecting JavaScript malwares
• De-obfuscating JavaScript malwares
• Understanding and dissecting PDF based malwares
• Dissecting macro based malwares in Microsoft Office files

5. Shellcodes, Rootkits and Ransomwares

• Understanding Shellcodes and performing Shellcode analysis
• Understanding Rootkits and performing Rootkit analysis
• Understanding Ransomwares and performing Ransomware analysis

Intended audience:Advanced Malware Analysis is a full hands-on course. It is useful both for beginners into the field of malware analysis, as well as for those who have been into this area for some time but want to polish their skills to a new level. Other than malware analysts, reverse engineers, forensic investigators, threat analysts, students, people wanting to get into malware analysis can take this course.
Skill level: Intermediate
Requirements: Knowledge of x86 Assembly lang, familiarity with debuggers, disassemblers, Windows OS. A Laptop with at least 8 GB of RAM. VMWare Workstation or Virtualbox.
Seats available: 20 (first-come, first served)
Price: 1000 euros/person
Register here

The focus of this training will be on how to build secure applications and how to evaluate them using real world scenarios. The attendees will learn the concepts solving exercises and using various OWASP resources like the OWASP ASVS (Application Security Verification Standard) and the OWASP Testing Guide. Topics covered:
Day 1:

• Architecture design and threat modelling
• Authentication Flaws
• Session Management Flaws
• Access Control Verification Requirements
• Input Handling and Output Encoding/Escaping

Day 2:

• Cryptography at Rest
• Error Handling and Logging
• Data Protection Verification
• Communications Security
• Business Logic Verification Requirements
• Files and Resources
• Mobile Security
• Web Service Security

Intended audience: This training is suitable for developers, quality assurance, code reviewers and penetration testers
Skill level: Beginner - intermediate
Requirements: Basic web knowledge; laptop with at least 4GB RAM and virtualization software (VMware Workstation Player).
Seats available: 20 (first-come, first served)
Price: 400 euros/person
Register here