- Get the book chapter here
- Real malware samples for didactic purposes: cancoes de ninar.zip (ask for the password)
- File Identification
- Strings Identification (with regex)
- Disassembly (objdump)
- Packing (UPX)
- Compilation approaches (dynamic libs, static compilation, blobs)
- Dynamic Analysis (strace, ltrace)
- Developing a Tracing Solution (ptrace)
- Modularity Approaches (Forking)
- Anti-analysis Approaches (ptrace detection)
- Binary Patching
- Rootkits (LD_PRELOAD)
- Networking (iptables)
- Filesystem Monitoring (inotify)
- Logging (syslog, audit)
- Basic concepts and examples
- 2 hours
- Federal University of Paraná (2017)
- University of Campinas (2018)
- Protection, Anti-Analysis, Behaviors
- 2 hours
- University of Campinas (2018)
- Extra Material for GDB Debugging
- Manual Entry Point Identification
- Automated version on RevEngE: check here
- Short Course in the XIX SBSEG (Brazilian Security Symposium)
- 4 hours
- Linux System Call Hooker implementation
- Forked code from my co-author Otávio Silva's repository