Zero 2 Hero

“From Zero to Hero: Malware Reverse Engineering & Threat Intelligence” is a free, 12-week course by Vitali Kremez and Daniel Bunce (@0verfl0w_) sponsored by SentinelOne.

Register now to access Week 1 and get notified of each new weekly episode.

Chapter 7: How Malware Uses Privilege Escalation to Compromise Devices | FlawedGrace RAT and Pitou Spambot

The Zero2Hero malware course continues with Daniel Bunce diving into privilege escalation and how the FlawedGrace RAT and Pitou Spambot implement it.

Read the Zero2Hero Course Posts


Writing Malware Configuration Extractors for ISFB/Ursnif

The Zero2Hero malware course continues with Daniel Bunce demonstrating automated IOC extraction using a Python script, with ISFB/Ursnif malware as the example.


Info Stealers | How Malware Hacks Private User Data

Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.


Deep Insight into “FIN7” Malware Chain: From Office Macro Malware to Lightweight JS Loader

The Zero2Hero malware course continues with Vitali Kremez dissecting the FIN7 malware chain, which leverages malicious MS Office macros and a lightweight JS loader.


Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!


FIN6 “FrameworkPOS”: Point-of-Sale Malware Analysis & Internals

The Zero2Hero malware course continues with Vitali Kremez diving into FIN6 “FrameworkPOS”, which targets payment card data on Point-of-Sale (POS) and eCommerce systems.


RIG Exploit Kit Chain Internals

The Zero2Hero malware course continues with Vitali Kremez explaining the RIG Exploit Kit and how its infection chain led to the Amadey Stealer and a Clipboard Hijacker.


Course Syllabus

  • Technical overview of injection techniques and persistence mechanisms
  • Discovering/recognizing privilege escalation in malware
  • Threat actors' techniques for gaining a foothold on networks
  • Deep dive into APTs (advanced persistent threats) and eCrime
  • Info-stealers and Exploit Kit drive-bys seen in the wild
  • Analyzing shellcode usage in malware
  • Full analysis of malware techniques – stealth, persistence, algorithms, communication to a C2 server, and advanced capabilities

Powerful, Autonomous Endpoint Protection

SentinelOne saves you time by using multiple AI engines, providing complete visibility into all activity, and even rolling back threats with a single agent.

Predict Malicious Behavior

Autonomous monitoring and dynamic behavior tracking detect malicious activity across all threat vectors.

Rapidly Eliminate Threats

Fully-automated, integrated response capabilities eliminate threats and roll manipulated files back to trusted states.

Seamlessly Adapt Defenses

Cloud intelligence and machine learning seamlessly adapt your endpoint and server defenses against the latest malware and attacks.

Do you want better protection?

Hey, we're SentinelOne. We are determined to protect enterprises from cyber threats. Our only question is, will it be yours?

Copyright © 2019 SentinelOne. All Rights Reserved.