Perfect for all skill levels, from a complete beginner to an expert analyst, this bundle has it all. Covering the very basics such as introductions to the tools and variants of malware, as well as important advanced concepts such as Website Injection Techniques utilized by sophisticated Banking Malware, plus Custom Developed Samples for enhanced practical learning, all in one convienient bundle. What are you waiting for?
Zero2Automated: What is it?
Zero2Automated (The Advanced Malware Analysis Course) is a course developed by Malware Reverse Engineers, for Malware Reverse Engineers, with practicality in mind. The main focus of this course is to teach you the advanced concepts utilized by modern malware, through a practical approach, allowing you to instantly apply the information to your own analyses. However, we do understand theory is vital in order to better understand certain fundamentals, such as how the PROPagate injection method works, and how Equation Editor is exploited. As a result, crystal clear PDFs are provided alongside certain chapters requiring a deeper dive, allowing you to constantly refer back to them whenever required.
Furthermore, upon purchase of the Advanced Malware Analysis Course, you will gain access to a private Slack channel focused around the course and course content, allowing you to interact with others currently taking the course, as well as ask for help on any issues that may come up.
Think that's all? Nope! The Advanced Malware Analysis Course will be updated over time, with additional modules, custom "CTF" challenges, and more being added, allowing you to further improve your knowledge of Malware Analysis and Reverse Engineering.
We're not done yet though! Not only do you get access to a frequently updated stream of videos and PDFs, you also get exclusive access to an e-book written by Jason Reaves (@sysopfb) that takes you through several sophisticated malware samples, from GuLoader to Qakbot, examining different anti-analysis methods, string encryption functionality, C2 protocols, and more!
Furthermore, upon purchase of the Advanced Malware Analysis Course, you will gain access to a private Slack channel focused around the course and course content, allowing you to interact with others currently taking the course, as well as ask for help on any issues that may come up.
Think that's all? Nope! The Advanced Malware Analysis Course will be updated over time, with additional modules, custom "CTF" challenges, and more being added, allowing you to further improve your knowledge of Malware Analysis and Reverse Engineering.
We're not done yet though! Not only do you get access to a frequently updated stream of videos and PDFs, you also get exclusive access to an e-book written by Jason Reaves (@sysopfb) that takes you through several sophisticated malware samples, from GuLoader to Qakbot, examining different anti-analysis methods, string encryption functionality, C2 protocols, and more!
ANY.RUN Integration
On top of the already existing features in the course, we are happy to announce we have partnered with ANY.RUN to provide a 3 month customized access plan for all students! This plan contains additional features not available in the free plan, such as locale selection, an extended timeout period, Windows 7 64bit, and more! All of this is featured in the course pricing, so there are no additional fees to worry about - in order to activate the 3 month plan, you need to register an account on ANY.RUN, and you will be upgraded, allowing you to access all the features in the plan immediately!
Additionally, ANY.RUN will be the new home for the malware samples covered in the course, allowing you to get an interactive overview on the sample before even opening it up in a disassembler or debugger!
If you have any questions about the customized plan, feel free to drop us a message here or via email (contact emails can be found at the end of this page), and we will respond ASAP!
Additionally, ANY.RUN will be the new home for the malware samples covered in the course, allowing you to get an interactive overview on the sample before even opening it up in a disassembler or debugger!
If you have any questions about the customized plan, feel free to drop us a message here or via email (contact emails can be found at the end of this page), and we will respond ASAP!
ANY.RUN Features
- Win 7 32/64bit
- Unlimited manual submissions (1 parallel)
- Interactive access
- Analysis time: 660 sec
- Max input file size: 100Mb
- HTML reports
- URL analysis
- Mitre ATT&CK mapping
- Process behavior graph
- Extended IDS rule sets
- Video record
- MITM proxy for HTTPS
- Locale selection
- Network geolocation
- Priority in queue
- Various software presets
- Custom OpenVPN configuration
- Monitoring of system processes
The Beginner Malware Analysis Course
"Whether you are at the start of your journey into Malware Analysis, or perhaps you are looking to refine your skills in different areas, this course will be beneficial for you. With beginners in mind, the course is comprised of several modules, each focusing on a different aspect of Malware Analysis - this ranges from learning x86 Assembly and analyzing Visual Basic macros, to extracting configurations and learning about encryption algorithms"
This course covers the very basics of Malware Analysis and Reverse Engineering, from introducing the tools of the trade, to reverse engineering multiple modern malware families. The information is provided through theoretical slides, followed by a practical example, whether that is setting up an InetSim instance to intercept malware traffic, or extracting the configuration from a notorious Banking Trojan; it has everything you need to get into the ever-changing field that is Malware Analysis and Reverse Engineering!
Upon purchasing this bundle, you will be provided access to The Beginner Malware Analysis Course soon after.
This course covers the very basics of Malware Analysis and Reverse Engineering, from introducing the tools of the trade, to reverse engineering multiple modern malware families. The information is provided through theoretical slides, followed by a practical example, whether that is setting up an InetSim instance to intercept malware traffic, or extracting the configuration from a notorious Banking Trojan; it has everything you need to get into the ever-changing field that is Malware Analysis and Reverse Engineering!
Upon purchasing this bundle, you will be provided access to The Beginner Malware Analysis Course soon after.
Zero2Automated: Bundle Prerequisites
As surprising as it may seem, there are no prerequisites required for you to successfully take this course! The Beginner Malware Analysis Course and the added Zero2Hero course contains everything you will need to understand concepts covered in the more advanced Zero2Automated course!
Z2A: What Will I Learn?
Zero2Automated Content:
- Week 0x01: Algorithms - Looking at Encryption, Hashing, Compression, etc.
- Week 0x02: Initial Stagers - Unpacking Malware, Analysing Malicious Word Documents, Analysing Loaders, Automating Config Extraction
- Week 0x03: Evasion - Persistence, Anti-Analysis, Process Injection
- Week 0x04: Malware Internals - Core Functionality, looking at Banking Malware, Spyware, Ransomware, Worms, etc.
- Week 0x05: Full Analysis 1 - Analysing a malware sample in depth
- Week 0x06: Full Analysis 2 - Analysing a malware sample in depth
- Week 0x07: Uncompiled Malware - Taking a look at uncompiled malware; Python, JavaScript, NodeJS, etc.
- Week 0x08: Exploitation - Looking at how malware uses exploits to achieve it's goals - Privilege Escalation, Gaining Access, Evasion
- Week 0x09: "Rooting and Booting" - Taking a look at Rootkits and Bootkits
- Week 0x0A: Shellcode - Looking at analysing Shellcode statically and dynamically
- Week 0x0B: Command And Control Servers - All things C2, including replicating a DGA.
- Week 0x0C: Threat Intelligence - Understanding Threat Intelligence
- Week 0x0D: Module Study - Trickbot Lock-n-Grab
- Week 0x0E: YARA Signature Development - How to develop YARA rules more effectively
- Week 0x0F and Onwards: Additional Undecided Modules Added
Certification of Completion
After successful completion of Zero2Automated: The Advanced Malware Analysis Course, as well as passing the final exam, you will receive a Certificate of Completion, along with a unique certificate ID for verification.
Why is the Contents Section so short?
If you are looking at the course in the first few weeks of it's existance, you might be looking at the section above, and the section below, and wondering why there's hardly any content in the Contents section.
For those of you who took our first course (Zero2Hero), you may remember that new episodes were rolled out weekly, along with new blog posts.
We decided to take the same approach for the Zero2Automated course, and so the reason the Contents section is possibly quite small is entirely due to that. We will be putting out a new chapter every Monday, starting June 1st, until we have uploaded the core course material (roughly 12-13 chapters). At that point, you will have access to the entirety of the course, both blog posts, and videos.
This decision was made due to the fact that it would be a lot easier to help people out with specific chapters, rather than have 50,000 questions on different chapters all at once!
Here is where the Slack Channel comes into play - any questions about the course can be asked there, and can easily be answered by someone else taking the course, or by us!
So, the TL;DR, don't worry about the length of the contents section below, as it will be updated every week, as a new chapter is released!
For those of you who took our first course (Zero2Hero), you may remember that new episodes were rolled out weekly, along with new blog posts.
We decided to take the same approach for the Zero2Automated course, and so the reason the Contents section is possibly quite small is entirely due to that. We will be putting out a new chapter every Monday, starting June 1st, until we have uploaded the core course material (roughly 12-13 chapters). At that point, you will have access to the entirety of the course, both blog posts, and videos.
This decision was made due to the fact that it would be a lot easier to help people out with specific chapters, rather than have 50,000 questions on different chapters all at once!
Here is where the Slack Channel comes into play - any questions about the course can be asked there, and can easily be answered by someone else taking the course, or by us!
So, the TL;DR, don't worry about the length of the contents section below, as it will be updated every week, as a new chapter is released!
What's included?
46 videos
24 files
1 text file
Contents
Course Introduction: Week 0x00
Algorithms: Week 0x01
Initial Stagers: Week 0x02
Evasion: Chapter 0x03
Practical Analysis and Test
Malware Internals: Week 0x04
In-Depth Analysis: Week 0x05
Exploitation: Week 0x06
"Decompilable2Src" Malware: Week 0x07
Threat Intelligence: Week 0x08
Zero2Hero
Zero2Automated: Malware Walkthroughs E-Book
Blog Posts
Resources
FAQs
Do I get lifetime access to the course?
Yes! Upon purchasing the course, you gain immediate lifetime access, allowing you to come back every few months to look at specifics! No additional payments, no additional worries! Furthermore, further content will be added to the course over time, which you will also gain access to, free of charge!
Can I access the course offline?
Unfortunately the videos cannot be accessed offline, however, you are able to download the theoretical material provided alongside the course, to study more in-depth topics offline!
Is payment possible without PayPal?
Both Stripe (Credit Card/Debit Card payments) and PayPal are the main supported payment processors of the platform, however if these are an issue for you, we may be able to work out possible payment methods - in that case, please see the "How can I contact you" answer.
Is a Certificate of Completion given?
It is! Upon completing the videos, there will be a short test that you can take. Upon passing this test, you will receive a certificate of completion, with your name on it!
How can I contact you for further questions?
You can contact us over Twitter (@0verfl0w_ and @VK_Intel) or via Email (0verfl0w33@protonmail.com and vitali@vk-intel.com)