A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #19362  by Gary12345
 Tue May 21, 2013 1:21 pm
Hello,

my dream is to analyse Malware and write Tools against that. I've never found a good start and so I ask you.
First of all, I'm a GeekU Junior (training for removing malware) and I program in Python (basics) and some XPROFAN (a German programming language - yes :shock: ). I think Python isn't good for writing such tools and I'm thinking of learning C or C++. I'm so unsure at this time. What to read? Where to start? How to analyse malware? What would you do?

Thanks
~Gary
 #19365  by Gary12345
 Tue May 21, 2013 3:49 pm
Would it be correct if I start to learn C++? Thanks for the stuff, I'm very interested in rootkits!
 #19366  by 0x16/7ton
 Tue May 21, 2013 4:18 pm
Of course it is not bad if you learn it :)
But here are some early steps for you (how I see them):
-http://en.wikipedia.org/wiki/Assembly_language
-http://www.intel.com/content/www/us/en/ ... nuals.html
-http://technet.microsoft.com/en-us/sysi ... 63901.aspx
-http://www.amazon.com/Malware-Analysts- ... 0470613033
-http://www.kernelmode.info/forum/viewto ... =10&t=2607

By coincidence, I am now reading the book by Robert Lafore about the object-oriented programming language C++. I think it is a good book; my recommendation for you.
Regards and Good Luck #_#
 #19367  by Gary12345
 Tue May 21, 2013 4:34 pm
Thanks! That helped me a lot! I will try to learn C++ and some Assembler and we will see if I make the big step to a good malware analyser. :)
 #19370  by Gary12345
 Tue May 21, 2013 7:09 pm
:/

C or C++? Two different suggestions. I've always heard that C is better for these things than C++. Is this correct?
 #19372  by r3shl4k1sh
 Tue May 21, 2013 9:27 pm
Gary12345 wrote:
:/

C or C++? Two different suggestions. I've always heard that C is better for these things than C++. Is this correct?
Long debate, but your goal is to learn malware analysis, and since most malware is written using C it is better for you to learn C.
In addition to that, you probably would like to write short programs (tools) for yourself, for which it is better to use C, since it is simpler than C++ and you don't need OO in these kinds of programs.
 #19769  by nullandnull
 Mon Jun 24, 2013 4:00 pm
Assembly + C + Python has been the path I have been using for a while. Here are some books that I'd recommend.

Foundation Books:
Assembly Level for x86 Processor - http://kipirvine.com/asm/ (cheaper to get it used on Amazon)
Assembly Language Step-by-Step by Jeff Duntemann is good also.
Do not buy one of the new editions of The Art of Assembly Language by Randall Hyde. It's not assembly but high level assembly or some junk.
Python Essential Reference - http://www.dabeaz.com/per.html
Hacking Secret Ciphers with Python - Has an intro to Python section. Will be useful when you start writing decryptors. - http://inventwithpython.com/hacking/
Beginning C: From Novice to Professional by Ivor Horton
C Programming Language - K&R - Great book but can be quite terse.

Further Books:
Gray Hat Python - Cool book with some great examples.
Practical Malware Analysis - is a great book with some useful labs - http://nostarch.com/malware
Vulnerability Analysis and Defense for the Internet - older book but still a good companion to Practical Malware Analysis. Part 5 of Practical Malware Analysis looks to have used chapter 9 of this book as a template/outline.
The IDA Pro Book by Chris Eagle is a must read for anyone working with IDA - http://www.idabook.com/