Nice video ‌Is there any tools to Removing anti-reversing checks for dotnet? @MalwareAnalysisForHedgehogs thanks

Hi Karsten, I know the Udemy course is way for you to get money and the content you are giving the public is priceless. Some people can not pay the price of the course, are you going to provide coupons oe at least have some discounts. More good karma what do you think?

Fantastic Video

great tutorial. i have a question: we i studied the book of "practical malware analysis" awhile ago i came across snort rules to catch network signature. the question is is this still relevant today or there is different strategy utilized these days?

excellent as usual thanx a lot. danke :)

As always, great content! Thanks

thank you! hope to see more content from you related to yara :)

Awesome video. Thanks.

-Gheidra- Gheedra

Awesome work, useful and alternate way to try in x64dbg.

❤❤❤

Thank you for sharing this interesting work!

after a longtime 🎉

if it is possible could you make a video on how to write a good malware analysis report in a professional way?

excellent tutorial sir.

how can i debug (dynamic analysis) a .net dll file? in x32dbg we use rundll32.exe what can we use in dbspy??

Incredibly helpful and very succint! Thanks Karsten.

I used IDA. Now, I am using Binary Ninja

Nice video good tech skills on how to. Dank u wel!

@ 21:15 you want to Ctrl + alt + p and then change python interpreter to the version your pip is installing to. If that doesn't work just Ctrl + alt + p and type python and click restart interpreter.

excellent as usual. thanx a lot

any malware dev course?

u use c or c++ ?

Amazing content. Thank you :)

Writing malware can make you very wealthy person whereas finding a job as a security researcher in this IT market will lead to nowhere. ;)

Thanks for the Detail video Kristan sir, Really Informative video with Good Explanation, Appreciate your Hard work making these videos, Best wishes 😊

Brooo you are such a legend!!! please keep going! Respects from Germany

ordered right away

Good video but hard to follow with the hand written notes

Informative!

I think most people use cr@cked ida on a virtual machine for home usage for work it's more problematic. ghidra has an aweful UI, but has some powerfull features for certain aspects.

Thank you for the analysis. Next time could you link the sample of each stage please? Without VT enterprise I can't obtain the atom.xml payload as the site is offline and as it is executed in memory I don't see file artefacts in public sandbox reports, so can't follow along.

hello, i have a question regarding the case of using new malware code which is essentially a zero day but packing it with a "tagged" stub, that will result with the file being detected as mw. My question then is it possible for a malware writer to know which stub is unused, or it's impossible since it depends on the packer which chooses randomly, then we are left with two options either there is a packer in the dark web used by hackers which removes a stub each time they sell it to a buyer. or the malware owner tries his packed file with multiple AVs many times until it's not detected ? sorry if i turned it into a monolog i just got lost speaking outloud.

Very informative video, thank you. When I'm not so poor, I will purchase your Udemy course.

I had a dream that you were EMPRESS and that this is your voice. I won't go into any further details =]

Thanks man

For some reason I want to use the hex tool to edit the .net managed file(Because DNspy had some errors after recompiling files),Can you give a tutorial on how to edit .net file via hex tools? thanks

Great information, Really good knowledge video, Thanks making this video.

For unknown reasons the sync of the audio is off, but only after I upload a video to KZbin. When I watch the video from the local file, everything is fine. I have no idea why this happens. If anyone can give me a pointer, I would be open to hear it.

hello i know this vid is pretty old but i hope you can provide some context for me; what did you mean by decrypted body shape when talking about the deference between oligo/poly/meta -morphic viruses ? is it referring to the dynamic behavior of the malware ?

Very well explained, it was a masterclass of writing your own unpacker, thanks for the video and explanations!

Great stuff! I did not see any good tutorial on speakeasy so far. I learned a lot here. Thanks Karsten.

Helo Sir, Can you help me one thing Last few days I am trying reverse engineering for my one small exe file, I am new learner, but cant do it, because of that i am not getting OEP using x64dbg, thats why i cant do this. Please can you help to do reverse engineering for the exe file or make a video tutorial for that. Thank you sir.

Looks like the JS tool extract_called_functions.js only supports the [email protected]. I tried the tool with the latest commander package and recevied an "version" not found error.

Whew. Pascal. That's something I haven't thought about since the late 90s.

I just use radare2 and cutter :3

Just purchased your course, can't wait to get stuck in.

Very Useful! Thanks!

The handwritten text discouraged me from going in more than 2 minutes

Ghidra support has been fairly constant since its release via github. Simple bugs and usability issues are usually fixed very quickly. Some of the more complex issues/requests eventually get fixed too, like the addition of theming.