Malware Analysis & Reverse Engineering

Free Malware Analysis & Reverse Engineering Training

In this category, “Beginner” assumes that you have an understanding of the four core categories listed on the homepage and specifically have a general understanding of x86 Assembly language.

Name & Direct Link | Platform | For Beginners | Hands-On Component | Proof of Completion | Topics
Malware Noob2Ninja Course | YouTube - 0xf0x | Yes | Yes | Building a Malware Lab, Malicious Word Documents, Static Analysis, Behavioural Analysis, Cuckoo Sandbox, Persistence Techniques, x32dbg, Emotet
Introduction to Malware Analysis | YouTube - 13Cubed | Malware Analysis, IDA Pro, x64dbg, YARA, Payload Distribution Format, ProcDOT, PDFs
Malware Unicorn's Reverse Engineering Workshops | Malware Unicorn | Yes - Reverse Engineering 101 is for Beginners | Yes | Reverse Engineering, Environment Setup, Windows PE C Program, X86 Assembly Language, Attack Flow, Tools, Triage Analysis, Static Analysis, Dynamic Analysis, Encryption, Evasion Techniques, Packing
Reverse Engineering for Beginners | Begin.re | Yes | Yes | Reverse Engineering, x86 Assembly, IDA, OllyDbg, Call Stack
Reverse Engineering 101 | FedVTE | Yes | Yes | Uses for Reverse Engineering, Process of Reverse Engineering, Methodology
Reverse Engineering Course | GitHub - 0xZ0F | Yes | Binary, ASCII, Programming Languages, Assembly, Tools, DLL, Windows. Some Chapters are still in development.
Reverse Engineering Course (With Radare2) | Artik Blue | Reverse Engineering, conditionals, functions, cases, loops, arrays, strings, var types, heaps, crackmes, pointers, dynamic memory, bitwise operations, linked lists, Radare2. The site also has advanced topics on Reversing C Code.
Reverse Engineering Malware | Hackers Arise | Yes | Assembler Basics, IDA Pro, Windows Internals, OllyDbg, System-Level Analysis
Reversing & Malware Analysis Training | Security Trainings - SecurityXploded | Yes | Lab Setup, Windows Internals, PE File Format, Assembly, Reverse Engineering, Tools, Malware Analysis, Unpacking, Memory Forensics, Exploit Development, Rootkit Analysis
Introduction to Reverse Engineering with Ghidra | Hackaday.io | Yes - The live course is over but the course materials are on the website. | Ghidra, Reverse Engineering, x86_64 Architecture, Assembly Language
Android App Reverse Engineering 101 | Raging Rock (Maddie Stone) | Yes | Yes | Android Application Fundamentals, DEX Bytecode, Native Libraries, Obfuscation
Binary Analysis Course | Max Kersten | Yes | CPU Architecture (x86 and x64_86), Registers, Endianness, Flags, Assembly
Advanced Binary Deobfuscation | GitHub - malrev | Yes | Obfuscation Techniques, Deobfuscation Techniques
The Art of Mac Malware (book by Patrick Wardle) | objective-see llc | macOS, Malware, Static Analysis, Dynamic Analysis, Infection Vectors, Persistence, Anti-Analysis Techniques
CNIT 126: Practical Malware Analysis | Sam Bowne's Website | Yes | Malware Analysis, Static Analysis, Dynamic Analysis, X86 Disassembly, OllyDbg, IDA Pro, WinDbg, Malware Behavior
Malware of the Day | Active Countermeasures | Active Countermeasures provides information about different types of malware along with PCAP files. Zeus, PittyTiger, Fiesta, Taidoor, Orangeworm, Comfoo, Saefko, Magnitude, Asprox, Backoff, APT1 Virtually There
Malware Reverse Engineering Handbook (PDF) | CCDCOE | Lab Environment, Static Analysis, Disassembly, Dynamic Analysis, Sandboxing, Debuggers, VirusTotal, String Analysis, PEiD Tool, CFF Explorer, Resource Hacker, PeStudio, IDA free, Ghidra, Process Monitor, Process Explorer, Regshot, INetSim, Cuckoo Sandbox, Windows Sandbox, Network Traffic Analysis
Introduction to Malware Analysis and Reverse Engineering | YouTube - Coleman Kane | VirtualBox, Malware, Static Analysis, x86 Disassembly, Dynamic Analysis, Run-Time Analysis, YARA, PDF and Office Document Analysis, Java & SWF Malware Analysis, Android Malware Analysis, File-less Malware Analysis
Malware Analysis Using VM Introspection and Memory Forensics | Clark Center - Golden Richard | Yes | VM Introspection, Memory Forensics, Virtualization, Introspection Capabilities, Volatility
Malware Analysis Bootcamp | YouTube - HackerSploit | Yes | How to Set up a Sandbox Environment, Static Analysis, File Type Identification, Generating Malware Hashes, Extracting Strings, Packers & Unpacking, PE Headers, Creating YARA Rules, Stuxnet Analysis with Ghidra
Malware Analysis Training (slides/written article with training files) | GitHub - OpenRCE | Yes | Malware Analysis, Virtual Machines, X86 Architecture, Windows, PE File Format, Analysis Tools, Disassembly, IDA Pro, OllyDbg, Unpacking, Anti-Reverse Engineering, Binary Diffing and Matching, PaiMei, PEFile and PyDasm
Introductory Malware Analysis Webcasts | Lenny Zeltser's Website | Yes | Yes | Malware Analysis Essentials using REMnux, Introduction to Malware Analysis, How to Run Malware Analysis Apps as Docker Containers
Practical Malware Analysis Essentials for Incident Responders (Lenny Zeltser) | YouTube - RSA Conference | Free Malware Analysis Tools, PeStudio, Threat Intelligence, Threat Hunting, Windows
SANS Must Have Free Resources for Malware Analysis | SANS | Malware Tools, Webcasts, Resources, Cheat Sheets
Learn the Hard Stuff the Slow Way | Hopper's Roppers (Roppers Academy) | Yes | C Programming, Assembly, Debugging, Reverse Engineering
Fileless Malware Demystified | YouTube - CryptoStopper | What Fileless Malware is, How it Works, Examples of a Dropper, Examples of Fileless Malware, Fileless Ransomware
Introduction to Reverse Engineering | YouTube - Josh Stroschein | Yes | Reverse Engineering, IDA Pro, x86, The Stack, Code Constructs, IF Statements, Loops, Jump Tables, Pointers
Josh Stroschein's YouTube Channel and Website | YouTube - Josh Stroschein & Josh Stroschein's Website | Reverse Engineering, Malware Analysis, Ghidra, Cuckoo Sandbox, Maldocs, Unpacking, Debugging
Wyatt Roersma's YouTube Channel | YouTube - Wyatt Roersma | Yes | Foundational Malware Analysis, Cuckoo Sandbox Install
Reverse Engineering Malware | YouTube - Open SecurityTraining | Yes - Course files are on the Open Security Training Website | Understanding common malware features and behavior, defeating code armoring and obfuscation, signature creation and applying prior analysis, dynamic analysis tools and how they can aid in static analysis.
Analyzing Malicious Word and Excel Documents | YouTube - Hack In The Box Security Conference | Yes - The Files are Located HERE | Analyzing Malicious Word and Excel Files
Ali Hadi's YouTube Channel | YouTube - Ali Hadi | Yes - The Intro to PE File Format video has lab files HERE. This is part of an Offensive Software Exploitation (OSE) course that is listed under the Ethical Hacking category of this site. | Malware Analysis, Process Hacker, Investigating Windows Scheduled Tasks Used by Ransomware, .NET Malware, PE File Format
How to Set Up and Use the CuckooVM | GitHub - ashemery | Yes | How to set up and use the Cuckoo Sandbox VM (CuckooVM v2)
Unprotect Project | Unprotect Project | This website describes different malware evasion techniques.
Introduction to Advanced Threats (slides) | Black Storm Security - Alexandre Borges | Reversing, Anti-Reversing, De-Obfuscation
OALabs YouTube Channel and Website | YouTube - OALabs, Open Analysis Website | Their YouTube channel and website are all about malware analysis and reverse engineering. In addition to their YouTube videos, they have training guides on their website related to Malware Triage, Malscripts, and Using Open Data to Help Develop Robust Indicators (IOCs)
Oh You Silly Framework!: An Intro to Analyzing .NET Malware | SANS | Yes - Certificate of Completion (CEU Certificate) | .NET Malware, Malware Analysis
Colin Hardy's YouTube Channel | YouTube - Colin Hardy | Tools, Tactics, and Techniques for Analyzing Malware, Deobfuscation, Emotet, WannaCry, SUNBURST, Maldocs
Malware Training Vol1 | GitHub - hasherezade | Techniques Used by Malware, Reverse Engineering
AGDC Services YouTube Channel and Blog | YouTube - AGDC Services | Automate Labeling of Obfuscated APIs, Reverse Engineering RC4 Crypto, How Malware Walks the PEB to Find Modules By Hash