
Course materials for Malware Analysis - adamnemecek
https://github.com/RPISEC/Malware
======
lfx
Very interesting! Are you going to publish lecture slides or better notes?
Would be great and highly appreciated.

I know that Win* is more popular for malware, and therefore for lectures. But by
any chance are you considering doing something similar for *nix?

Thanks for putting it online!

~~~
Aidielse
The lecture slides are released. If you're looking for more detail, I highly
recommend the Practical Malware Analysis book! There are also additional books
recommended in the readme for the class.

We've talked a little about doing something *nix, but I don't think we will
have the time until maybe the Summer, as all 3 of us authors are full-time
students.

~~~
lfx
Thanks for the recommendation! It seems more like a Win-focused book. Maybe you
have book recommendations for *nix?

~~~
itszn
[https://www.gnu.org/fun/jokes/evilmalware.html](https://www.gnu.org/fun/jokes/evilmalware.html)

------
zerr
How does one get into the anti-malware/virus business nowadays? I mean, e.g. you
have to get a signature database somewhere - are these available on the market?

~~~
TACIXAT
You can get ClamAV's database files. Though most AVs are cloud-based now. They
store the hash database online and the clients just query it. Most integrate
sandboxes with heuristics for malicious behavior (for unseen samples) and
machine learning on previously malicious samples to create rules for new
detections. Most will also monitor network traffic and have rules for
detection there too.

~~~
greggarious
That seems like a terrible idea... hashes are small, and I should be able to
run an AV scan without connecting to the net.

