Arm yourself with knowledge and bring the fight to the bad guys. Learn the state of the art of malware analysis and reverse engineering.
Arm yourself with knowledge and bring the fight to the bad guys! Practical Malware Analysis & Triage (PMAT) brings the state of the art of malware analysis to you in engaging instructional videos and custom-made, practical labs.
Welcome to Practical Malware Analysis & Triage. I'm Matt, aka HuskyHacks, and I'm excited to be your instructor for this course. I had a blast putting it together and I hope that you will come along with me and learn the art of splicing, slicing, inspecting, and dissecting malware samples.
Featuring two malware analysis lab build options: local virtual machines and a rapid-deployable cloud malware analysis network! Learn how to spin up a malware analysis network on AWS from anywhere in the world!
Skill Level
Basic-Plus to Intermediate. The course includes a selection of advanced topics. All concepts are taught in an accessible, foundational manner.
Why Take the Practical Malware Analysis & Triage Course?
This course is centered on practical labs that bring malware samples to bear in a safe, controlled environment.
First, you will learn to handle malware safely and construct an isolated lab environment. Then, you will learn the basics of malware analysis on samples designed to teach you the core analysis concepts. As the labs progress, the level of offensive tradecraft employed by these samples grows.
By the end of the course, you'll be using automated workflows and advanced analysis to extract key facts about real-world specimens.
Finally, and most importantly, you'll learn the keys to writing detection rules and triage reports to tell the world what you have learned.

What Will I Receive from this Course?
Access to the student-only channel on Discord to receive support from the instructor and other students.
Access to 9+ hours of engaging, instructional video content.
Access to the PMAT Lab repository containing dozens of malware samples designed to teach you the fundamentals.
Course completion certificate.

System Requirements
Basic IT knowledge.
Knowledge of the general classes of malware (virus, trojan, worm, etc). Knowledge of how these malware classes function on the technical level is not required.
Comfort in the command line of Linux and Windows. All tools and techniques taught in the course are explained step-by-step but working knowledge of Bash and the Windows command prompt is recommended.

For a local lab build, you need
A computer that
Has at least 6GB of available RAM.
Has at least 40GB of available storage.
Can run Oracle VirtualBox and host two lab virtual machines at the same time (with the option to host a third for additional development).
Has an internet connection.

For a cloud malware analysis lab, you need
An AWS account and a way to pay for AWS resource utilization.
Knowledge of x86 Assembly and other low level computer programming concepts is not required.

Recommendations
Familiarity with programming concepts is recommended but not required.
Familiarity with offensive cybersecurity Tactics, Techniques & Procedures (TTPs) will be helpful but is not required.

Homepage