0xEvilC0de.com | Page 3 of 5 | reversing and malware analysis

Introduction to x86 Assembly

May 27, 2019 Josh Stroschein Video Series

Many of these videos are from an introduction to assembly course I taught at Dakota State University. Since I no longer teach them, I figured it would be beneficial to provide them here – either as a resource to my current students or to anyone that is just curious and looking for this information. Keep in mind that many of these videos were recorded in the context of a class – so there may be discussion that references the specifics of that particular course and may feel out of place if you’re just watching a single video. Learning Assembly This…

ToorCon XX

September 15, 2018 Josh Stroschein malware

I had the opportunity to give a talk on malware obfuscation techniques this weekend at ToorCon XX, my talk was titled “Following a Trail of Confusion”. Here is the abstract: Modern malware uses a wide variety of code obfuscation techniques to hide it’s true intentions and to avoid detection. In this talk, we’ll explore the latest in native code obfuscation techniques as well as a few techniques commonly used with interpreted languages. We will spend time discussing such methods as dynamically constructing import tables, hiding and using shellcode, packing, string obfuscation, use of virtual machines and other anti-analysis techniques. We’ll…

Features of 0xEvilC0de CTF Framework

September 14, 2018 Josh Stroschein CTF Framework, Help & How-To

0xEvilC0de offers a well-featured SaaS CTF Framework that is frequently updated. Here are some of those features. User Highlights Teams Users may create or join teams. Live Scoreboard 0xEvilC0de features a live scoreboard so users can spectate as the competition unfolds. Hints Challenges can be assigned hints that will help a user if they’re stuck. Hints may also be used to enhance the educational experience. Competition Highlights No Charge To keep 0xEvilC0de accessible, any user may create a competition for free. Organization Collaboration Multiple users can contribute to a competition by being a member of an organization. To have an…

First Pluralsight course now live!

April 18, 2018 Josh Stroschein malware, reversing

I’m excited to announce that my first Pluralsight course Analyzing Malware for .NET and Java Binaries is now live! You can find the course at the following URL – http://www.pluralsight.com/courses/dotnet-java-binaries-analyzing-malware. The ability to quickly analyze software is a critical skill for anyone handling malware. This course will teach you techniques for reverse engineering Java and .NET binaries, how to generate indicators of compromise and get hands on with malware.

Hack-in-the-Box Amsterdam 2018

April 13, 2018 Josh Stroschein malware, reversing

Heading home from another great week at Hack-In-The-Box in Amsterdam. I had the opportunity to present on malicious office documents in the COMMSEC track, you can find my slides at the HITB site: https://conference.hitb.org/hitbsecconf2018ams/sessions/commsec-still-breaching-your-perimeter-a-deep-dive-into-malicious-documents/ or here https://0xevilc0de.com/cons/2018/hitb_ams/2018_HITB_AMS.pdf I’ll post the video when it’s available. Looking forward to next year!