Course Overview
Identifying and analyzing malware is an essential skill for any security professional, whether investigating a security incident, tracking a large-scale campaign, or discovering as-yet-unknown threats.
This technical 4-day course covers the fundamentals of malware analysis, giving the student a solid understanding of the malware landscape as well as the tools and hands-on skills required to analyze malicious files effectively.
Assessment Methods:
- Pre-course knowledge quiz (where applicable)
- Formative assessments during the course, through hands-on lab exercises at the end of each module, multiple-choice tests, scenario exercises, etc.
- Completion by each participant of a questionnaire and/or placement questionnaire before and after the course to validate the acquisition of skills
Course Objectives
- HackingPoint is a new Global Education program for security experts (customers, partners, or network admins) that helps them master all types of penetration-testing techniques and cyber security practices
- The goal of this program is to give security experts an in-depth understanding of how to better protect the corporate network and its resources
- World-class trainers and penetration-testing experts in the field (BlackHat and Check Point R&D trainers) give students deep knowledge of cutting-edge cyber security threats
Course Content
Introduction to Malware
- Who perpetrates these attacks?
- What is their goal?
- Types of malware
- Malware history and evolution
Malware Behavior and Techniques
- Malware lifecycle
- Infection, persistence, privilege escalation
- Stealth, network communication
Malware Analysis Overview
- Analysis types
- Tools and techniques
Triage Analysis
- Identifying malware
- Analyzing the PE header
- Examining static features
- Utilizing OSINT tools
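The triage steps above (identifying a file as a PE, reading its header, extracting static features) can be done by hand in a hex editor, but the checks are mechanical and worth scripting. The following is an added example written for this page, not course material: a minimal PE header parser that pulls the COFF and optional header fields, walks the section table, measures per-section entropy, and reports the static indicators that usually send a sample on to dynamic analysis (forged compile timestamp, no ASLR, writable+executable or non-standard sections, entry point outside `.text`). The sample input is a constructed, non-runnable PE32 image shaped like a packed binary; the names `triage`, `parse_pe`, `build_sample_pe` and the 7.0-bit entropy threshold are the example's own choices, not values from the course.

```python
"""Static triage of a Windows PE file: header fields, section entropy and permissions, entry point."""
import hashlib
import math
import struct
import time
from typing import List, Optional

# Section characteristic bits from the PE/COFF specification.
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
STANDARD_SECTIONS = {b".text", b".rdata", b".data", b".rsrc", b".reloc", b".idata", b".pdata", b".bss", b".tls"}


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 0.0 for empty or constant data, 8.0 for uniformly distributed bytes."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # ImageBase is a DWORD at +28 in PE32 and a QWORD at +24 in PE32+ (no BaseOfData field there).
    image_base = struct.unpack_from("<I", data, opt + 28)[0] if magic == 0x10B else struct.unpack_from("<Q", data, opt + 24)[0]
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)
    sections = []
    for i in range(nsections):
        name, vsize, va, rawsize, rawptr, _, _, _, _, schars = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0"), "va": va, "vsize": vsize,
                         "raw": data[rawptr:rawptr + rawsize], "chars": schars})
    return {"machine": machine, "timestamp": timestamp, "characteristics": chars, "pe32plus": magic == 0x20B,
            "entry_rva": entry_rva, "image_base": image_base, "subsystem": subsystem,
            "dll_characteristics": dll_chars, "sections": sections}


def triage(data: bytes, now: Optional[float] = None) -> List[str]:
    """Static indicators that justify deeper (dynamic) analysis. `now` can be fixed for reproducible runs."""
    pe = parse_pe(data)
    now = time.time() if now is None else now
    findings = []
    if pe["timestamp"] == 0 or pe["timestamp"] > now:
        findings.append("compile timestamp 0x%08x is zero or in the future (likely forged)" % pe["timestamp"])
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        findings.append("ASLR (DYNAMIC_BASE) not enabled")
    ep_section = None
    for s in pe["sections"]:
        name = s["name"].decode("ascii", "replace")
        entropy = shannon_entropy(s["raw"])
        if entropy > 7.0:  # example threshold; compressed/encrypted data sits near 8.0, plain x86 code around 5-6.5
            findings.append("section %s has entropy %.2f (likely packed or encrypted)" % (name, entropy))
        if s["chars"] & IMAGE_SCN_MEM_WRITE and s["chars"] & IMAGE_SCN_MEM_EXECUTE:
            findings.append("section %s is writable and executable" % name)
        if s["name"] not in STANDARD_SECTIONS:
            findings.append("non-standard section name %s" % name)
        if s["va"] <= pe["entry_rva"] < s["va"] + max(s["vsize"], len(s["raw"])):
            ep_section = s
    if ep_section is None:
        findings.append("entry point RVA 0x%x lies outside every section" % pe["entry_rva"])
    elif ep_section["name"] != b".text":
        findings.append("entry point is in section %s, not .text" % ep_section["name"].decode("ascii", "replace"))
    return findings


def build_sample_pe() -> bytes:
    """Constructed, non-runnable PE32 image with the look of a packed sample (not real malware)."""
    text = b"\x90" * 255 + b"\xC3"                       # low-entropy .text: NOP sled ending in RET
    packed, block = b"", b"seed"
    while len(packed) < 0x1000:                          # deterministic high-entropy filler (SHA-256 chain)
        block = hashlib.sha256(block).digest()
        packed += block
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0x7FFFFFFF, 0, 0, 0xE0, 0x0102)  # i386, 2 sections, forged timestamp
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2000)      # AddressOfEntryPoint inside UPX1, not .text
    struct.pack_into("<I", opt, 28, 0x400000)    # ImageBase
    struct.pack_into("<HH", opt, 68, 2, 0x8100)  # GUI subsystem; NX_COMPAT|TERMINAL_SERVER_AWARE, no DYNAMIC_BASE
    sec_text = struct.pack("<8sIIIIIIHHI", b".text", len(text), 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    sec_upx = struct.pack("<8sIIIIIIHHI", b"UPX1", len(packed), 0x2000, 0x1000, 0x400, 0, 0, 0, 0, 0xE0000040)
    headers = (dos + coff + bytes(opt) + sec_text + sec_upx).ljust(0x200, b"\0")
    return headers + text.ljust(0x200, b"\0") + packed


if __name__ == "__main__":
    for finding in triage(build_sample_pe()):
        print("-", finding)
```

Run it as-is to see the six findings on the constructed sample, or replace `build_sample_pe()` with `open(path, "rb").read()` to triage a real file. Treat each finding as a lead, not a verdict: legitimate installers are often packed, and a single indicator such as a missing DYNAMIC_BASE flag is common in old but benign software.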
Dynamic Analysis — OS Behavior
- Monitoring OS activity — process, file, registry
- Mapping execution flow
- Detecting malicious behaviors such as persistence, injection and hooking
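Monitoring process, file and registry activity produces an event stream; the analysis work is correlating events across processes into behaviours. The following is an added example written for this page, not course material: it parses a constructed event log in a hypothetical `ts|pid|ppid|image|op|k=v ...` format (not the output format of Procmon or any other real tool), rebuilds the process tree to map execution flow, and flags the three behaviours named above: Run-key or Startup-folder persistence, the WriteProcessMemory + CreateRemoteThread injection pair, and a keyboard hook installed from inside the injected process. Function names, the log format and the sample events are all assumptions of the example.

```python
"""Behaviour detection over an OS-activity event log: persistence, injection, hooking and the process tree."""
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample log (hypothetical format, values contain no spaces): a Word macro drops and runs
# upd.exe, which persists via a Run key, injects into explorer.exe, and the injected code installs a
# low-level keyboard hook. No real tool emits this format; it stands in for a sandbox or monitor export.
SAMPLE_LOG = r"""
0.000|1200|800|winword.exe|ProcessCreate|child_pid=2100 child_image=C:\Users\u\AppData\Local\Temp\upd.exe
0.020|2100|1200|upd.exe|FileWrite|path=C:\Users\u\AppData\Roaming\upd.exe
0.025|2100|1200|upd.exe|RegSetValue|key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater value=C:\Users\u\AppData\Roaming\upd.exe
0.040|2100|1200|upd.exe|OpenProcess|target_pid=3300 access=0x1F0FFF
0.041|2100|1200|upd.exe|WriteProcessMemory|target_pid=3300 size=8192
0.042|2100|1200|upd.exe|CreateRemoteThread|target_pid=3300 start=0x7ff6a0001000
0.060|3300|600|explorer.exe|SetWindowsHookEx|id_hook=WH_KEYBOARD_LL
0.070|3300|600|explorer.exe|FileWrite|path=C:\Users\u\AppData\Roaming\klog.txt
"""

RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)


def parse_log(text: str) -> List[dict]:
    """One dict per line; detail tokens become extra keys (this format has no spaces inside values)."""
    events = []
    for line in text.strip().splitlines():
        ts, pid, ppid, image, op, detail = line.split("|", 5)
        ev = {"ts": float(ts), "pid": int(pid), "ppid": int(ppid), "image": image, "op": op}
        ev.update(tok.split("=", 1) for tok in detail.split() if "=" in tok)
        events.append(ev)
    return events


def process_tree(events: List[dict]) -> Dict[int, List[int]]:
    """Parent pid -> child pids, from ProcessCreate events and each event's own ppid (execution flow)."""
    children: Dict[int, List[int]] = defaultdict(list)
    for e in events:
        if e["pid"] not in children[e["ppid"]]:
            children[e["ppid"]].append(e["pid"])
        if e["op"] == "ProcessCreate":
            child = int(e["child_pid"])
            if child not in children[e["pid"]]:
                children[e["pid"]].append(child)
    return dict(children)


def detect(events: List[dict]) -> List[str]:
    """Rule-based findings. State carried across events links the injection steps and attributes
    later activity in the target process back to the injector."""
    findings: List[str] = []
    staged: Dict[tuple, set] = defaultdict(set)  # (injector pid, target pid) -> injection steps seen
    injected_by: Dict[int, str] = {}             # target pid -> injector label
    for e in events:
        who = "%s[%d]" % (e["image"], e["pid"])
        op = e["op"]
        if op == "RegSetValue" and RUN_KEY.search(e.get("key", "")):
            findings.append("persistence: %s set %s -> %s" % (who, e["key"], e.get("value", "")))
        elif op == "FileWrite" and STARTUP_DIR.search(e.get("path", "")):
            findings.append("persistence: %s dropped %s into the Startup folder" % (who, e["path"]))
        elif op in ("WriteProcessMemory", "CreateRemoteThread") and int(e.get("target_pid", e["pid"])) != e["pid"]:
            target = int(e["target_pid"])
            steps = staged[(e["pid"], target)]
            steps.add(op)
            if steps >= {"WriteProcessMemory", "CreateRemoteThread"} and target not in injected_by:
                injected_by[target] = who
                findings.append("injection: %s wrote memory and started a remote thread in pid %d" % (who, target))
        elif op == "SetWindowsHookEx" and e.get("id_hook", "").startswith("WH_KEYBOARD"):
            note = " (process was injected by %s)" % injected_by[e["pid"]] if e["pid"] in injected_by else ""
            findings.append("hooking: %s installed %s, keylogger pattern%s" % (who, e["id_hook"], note))
    return findings


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for parent, kids in sorted(process_tree(evs).items()):
        print("pid %d -> %s" % (parent, kids))
    for finding in detect(evs):
        print("-", finding)
```

The point of the `injected_by` map is the one that matters in practice: once code has been injected into explorer.exe, every later event from pid 3300 has to be read as the sample's behaviour, not the host's. Without that link a per-process view would show a clean-looking upd.exe and an "explorer.exe" that installs a keyboard hook, and the keylogger would be attributed to the wrong binary.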
Dynamic Analysis — Network Behavior
- Malware communication techniques
- Analyzing malware traffic
- Controlling responses
Analyzing Malicious Office Documents
- Droppers and downloaders
- Debugging macro scripts
Automated Analysis
- Working with sandboxes
- Evasion techniques and how to bypass them
Teaching Methods: