So, just to update from last month, my big news, I passed the SANS GPEN examination. As you may know, it covers penetration testing. My goal is to at some point be able to pentest my lab, add malware and to attempt to detect the intrusion, analyze the hacked system and be able to re-mediate the system and detect future intrusions. as such I will need to learn a lot. One part of that will be malware analysis.
Later this year I plan to take the SANS 560 course which deals with malware analysis. In preparation for that, I will need to learn a lot including programming, which has been a big stumbling block for me. But I am confident that I can overcome it. What I am doing now is attempting to read Practical Malware Analysis by
Michael Sikorski (http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901). Getting through this with my limited knowledge should be a challenge that will be interesting. I've finished chapter one but will be going back over it. I do wish they had put Ch. 2 first as it deals with setting up your lab. Ch. 1 has you analyzing malware without a lab setup. Not a great idea. What I found interesting is that the malware included is not detected by my current A/v software, a few years after the book was published. :o Anyway, i'll keep those of you who may be reading informed.