±Forensic Focus Partners
New Today: 2
New Yesterday: 8
±Forensic Focus Partner Ads
· Forensics and Bitcoin
· Investigation and Intelligence Framework (IIF) – an evidence extraction model for investigation
· Extracting data from dump of mobile devices running Android operating system
· Development of Digital Forensic Tools on Mobile Device, a Potential Area to Consider?
· Can You Get That License Plate?
· How To Decrypt WeChat EnMicroMsg.db Database?
· A guide to RegRipper and the art of timeline building
· Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage Collection and Exclusions
· FT Cyber Security Summit 2014 – Recap
Interested in Malware Analysis - need advice
Why would you need a course?
If by "malware forensics", you are looking to determine the effects that malware had on the system that it had infected, there are a number of resources available on the subject that don't require you to attend a course.
For example, there are two very good malware analysis books that have come out recently that go into some detail regarding monitoring or determining the effects of malware as it interacts with it's "eco-system". In my blog, I've provided a number of posts where I discuss malware characteristics and how to use those to develop an understanding of malware.
These are just a few of the resources available to you.
With some free and open source tools, some time, and some effort, you can build up quite a bit of capabilities and expertise in this area, without paying for a course.
- Senior Member
Lenny Zeltser (previously mentioned) has released a free VM specially designed for RE samples, entitled Remnux: zeltser.com/remnux/
There are several places online where you can pick up samples, or search your junk mail folder for obvious scams and use wget on the url and grab yourself one from the wild ;).
Also I can recommend the previously two mentioned titles "Malware Analysts Cookbook" and "Practical Malware Analysis" The cookbook can be quite heavy handed at times but its worth sticking with it.