Analyzing Malware

What you'll learn

This learning path will prepare you to start on the journey of analyzing malware. Note that this is one of the hardest areas of security to master, but incremental progress will give results. The general goal of malware analysis is to characterize new malware, both brand new malware and variants of existing ones.

Last updated on: 26 July 2024

Modules

Start here

Introduction

Read the learning path overview, objectives, associated threats, and prerequisites.

Module 1

Setting up a malware analysis environment

Before you analyze any malware, you need to set up a safe environment to do so. Since malware does bad things to the systems it runs on, you do not want to run it on your primary system.

Module 2

Basic file analysis

When evaluating malware files, we need to perform a deeper analysis of file types and contents. Beyond basic file extensions, we'll examine file headers and signatures, as well as string contents.

Module 3

Sandboxes and dynamic analysis

Dynamic analysis is the process of running a piece of malware and observing what it does. The easiest way of doing this is by running a piece of software in a safe, isolated environment called a sandbox.

Module 4

Static analysis

Static analysis is the process of disassembling a binary file in order to understand what's inside it. It's quite labor-intensive and requires software engineering knowledge.

Module 5

Creating and sharing IoCs

We look at how you can create and share Indicators of Compromise (IoCs) and tell others in the community about the malware you found or analyzed.