[Giran]

Hi ,

I'm a young newbie and I don't claim to become an expert. Google is full of resources but i dont know where to start.
RE is handsome and full of thing you can learn.
I'm starting to learn assembly. What could possibly be my first goal ?

[Stelle]

To start, I'm not an expert here by any means, but I have recently started learning myself and these are the resources I'm relying on.

I'd point you to the malwaretech blog, if you click "challenges" up at the top they have a great set of intro materials. I'd also look into the labs for the book "Practical Malware Analysis" (No Starch Press), as these are both good sources of things that are not actually malicious, and should provide a good breadth of beginner material. Colin Hardy has a great youtube channel as well, and mentions a lot of tools. Keep in mind that the tools shouldn't matter that much, it's the skillsets. I don't think you should worry about jumping around a ton of tools, just find the things that work for you and learn until you need a feature you lack.

Get comfortable with VirtualBox by oracle, if you're not already. You will want to pay attention to the network and device access you are giving your victim box. I'd point you towards Remnux (which has a virtual appliance available for download that you can import straight into virtualbox). Remnux has several great tools inside of it, and can be used to partially simulate a normal internet connection (which helps with reversing). Tons of great work has been done with the free version of ida, and OllyDbg, so you'll probably have the easiest time finding tutorial materials in those programs. "Practical Malware Analysis" assumes you'll be working in ida for example.