This article was published on the 6th of June 2022.
This update marks the course’s fourth anniversary. Much like the previous year in review posts, I will start off by saying that the course’s development is very much on-going. This article will dive into the course’s progress, events which impacted the course over the past year, and some of the struggles I have with finding relevant samples for the course, as well as my solution for it.
Table of contents
The course’s progress
Over the past year, multiple updates have been made to this course, albeit less than I made in earlier years. The updates consists of additions, regarding Dot net debugging, several Ghidra scripts, and a tutorial to dump WhisperGate’s wiper. The biggest update was a revision of the complete course, with regards to the style and tone of the articles. Additionally, I found and fixed dozens of grammatical errors and spelling mistakes. Lastly, I updated articles to further clarify concepts and updated dead links.
The revision was long due, as I had postponed it earlier, as I favoured publishing new content. I dreaded the overhaul, as I knew it would be a lot of work to revise some of the earlier articles, which I wrote in a rather different style. Personally, I am happy with the way the review turned out.
A reopening world
The COVID-19 pandemic imposed restrictions everywhere for everybody. The lack of events, be it conferences, drinks, or simply going out for dinner with friends, allowed me to spend more time on my blogs. The world is, currently, reopening itself, albeit not fully. As such, there’s less time for me to spend on blogs. This does not mean, however, that the course’s development will stop. Rather the contrary, although the frequency of my blogs will change. I aim to publish one blog per month at least, which allows me to produce blogs that meet the quality requirements I impose on myself.
Avoiding repetition
To write a blog, I first need to have a suitable sample. The more articles the course contains, the harder it is to find a sample which meets the criteria to blog about. As I want to avoid repeating techniques I have already written about, the number of suitable samples is ever decreasing.
To resolve this, I plan to open a new chapter in the course which covers malware snippets. The articles will cover one snippet at a time, allowing me to write about samples that were previously deemed unfit, as the focus is only on a part of the sample. A snippet can be a single interesting technique, or part thereof, providing me with more freedom and more suitable samples overall.
To conclude
To conclude this year in review: I’m happy with the past year, and the course will continue to be updated. Suggestions and tips are always welcome, feel free to contact me via any of the methods that are listed below.
To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.