REBlog
October 19th, 2007, 20:27
Scott Lambert and I will be giving a two-day training course at Black Hat in Las Vegas this summer on Advanced Malware Deobfuscation (http://www.blackhat.com/html/bh-usa-06/train-bh-us-06-sl-advmal.html).
This isn't a class where we lecture you on x86 Assembly and show you how to use a disassembler. No, this class is the real deal... Import Table reconstruction, anti-breakpoint-detection, anti-debugger-detection, Thread Local Storage callbacks, stolen bytes, Structured Exception Handling injection and redirection, chunked packing, etc. This advanced class is going to teach you how to become an expert at manual unpacking.
I know of no other training course that has ever been given that has delved this deep into the art and science of malware deobfuscation. Scott and I have spent years honing our skills and we're going to teach the attendees everything we know.
P.S. Registration opened today!
P.P.S. If you sign up for the course and mention my blog when you see me, I'll buy you a beer
http://malwareanalysis.com/CommunityServer/blogs/geffner/archive/2006/03/15/10.aspx
This isn't a class where we lecture you on x86 Assembly and show you how to use a disassembler. No, this class is the real deal... Import Table reconstruction, anti-breakpoint-detection, anti-debugger-detection, Thread Local Storage callbacks, stolen bytes, Structured Exception Handling injection and redirection, chunked packing, etc. This advanced class is going to teach you how to become an expert at manual unpacking.
I know of no other training course that has ever been given that has delved this deep into the art and science of malware deobfuscation. Scott and I have spent years honing our skills and we're going to teach the attendees everything we know.
P.S. Registration opened today!
P.P.S. If you sign up for the course and mention my blog when you see me, I'll buy you a beer

http://malwareanalysis.com/CommunityServer/blogs/geffner/archive/2006/03/15/10.aspx