How difficult??

Hi,

How difficult is it to acquire good knowledge in Reverse Engineering? Is it always necessary to do reverse engineering when analysing malware? This may sound like a stupid question but since I am a rookie I prefer to post the question. :-) Is there a good document explaining how reverse engineering is done and how to find the important parts in code?

Thanks a lot for your help.

Yves

Re: How Difficult?

Hey Yves,

There are two books which are worth buying. You can get yourself acquainted with the basics.

1) Reversing: Secrets of Reverse Engineering by Eldad Eilam
2) Malware: Fighting Malicious Code by Lenny Zeltser/Ed Skoudis

A reference type book for reversing malware will be Peter Szor's book titled "The Art of Computer Virus Research & Defense".

If you are located in Europe and want to learn the basics, you must take a look at "Reverse Engineering: Foundations" Course offered by Zynamics. They are certainly the best ;)

You *must* visit and register at OpenRCE since this is more of a malware submission, collection and analysis forum to start with... Hope that helps :)

Cheers,
Kish

--

Remember there is alwayz someone who knows more than us out there

Hi Kish, Thanks for your

Hi Kish,

Thanks for your reply. I read a lot about analysing malware (in my situation I would like to analyse a botnet) and I am wondering if I will be able to reverse the code since I recognized that often very advanced techniques are used (packing, encryption, anti-debugging)...so I feel a bit unsure. What would be the important parts to look for? Is there like a pattern or procedure on how to analyse malware?

Thanks a lot for your help.

Yves

Re:

Reversing comes with practice, the more you do it the better. That said, if you are keen to progress quickly with malware analysis, try contacting Ero Carrera (Zynamics). Reserve yourself a seat for their Black Hat training and you will be amazed by their expertise.

Cheers,
Kish

--

Remember there is alwayz someone who knows more than us out there

Hi Kish, I tried to find the

Hi Kish,

I tried to find the Reverse Engineering: Foundations course but I wasn't successful.

However I found the books you have suggested and they are very interesting....of course I have now to go through them....:-)

BTW do you know where I can find a list of malware which has not been analysed yet? I found already a list of different malware (which has been suggested in another post) and samples can also be found a little bit everywhere but how to know if it has not yet been analysed? This is basically part of my project for a degree which consists in analysing malware.

Thanks for your precious input.

Regards,
Yves