SecurityTrainings

Session 4 – Assembly Programming Basics

When we analyse malwares we don’t have the source code. So in order to understand their logics we have to debug binaries (i.e. compiled form of source code like .exe, .dll etc.). In debugging we need to understand assembly of the program to build a high level logic. In short without assembly language you can’t reverse engineer an application. Check the reference links for additional material.

 


 

Similar posts
  • SX 4th Meetup – Defeating publi... In this awesome presentation, Raghav Pande explained the concept of public protections and showed how public exploit mitigation toolkits are not enough to protect from a targeted attack as well as how easy it is to evade all public protections.   Presentation:   [...]
  • SX 4th Meetup – Exposing the se... In this awesome presentation, Subrat Sarkar explained the concepts of Windows logon mechanism, Windows Logon architecture, Windows credential provider and showed how an attacker can take advantage of credential provider to steal Windows password in plain text and how to find and mitigate this issue.   Presentation:   [...]
  • SX 4th Meetup -Return Address – The s... In this awesome presentation, Amit Malik discussed about the importance of return address in solving some of the problems related to analysis and detection of the malicious codes.   Presentation:       [...]
  • SecurityXploded 3rd Quarterly Meetup ... Here is the quick update and presentations from our recently concluded Third ‘SecurityXploded Cyber Security Quarterly Meetup’.     In this meet, Sameer Patil delivered presentations on “Anatomy of Exploit Kits”, Satyam Saxena covered the topic on “Detecting the Malicious Url using Machine Learning” and Monnappa KA presented the topic on “Hunting the Gh0st RAT [...]
  • SX 3rd Meetup – Hunting Ghost R... In this awesome presentation, Monnappa KA explained the details of Ghost RAT malware used in various Cyber Espionage attacks. He showcased the sandbox analysis, traffic pattern and decrypting the communications of Ghost RAT from packet capture. He also demonstrated both manual and automated method of detecting and decrypting the communications of Ghost RAT using memory [...]

Leave a Reply

Your email address will not be published. Required fields are marked *