Binary Analysis Course

Additions Added the API Hashing article to the malware snippets To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added the malware snippets chapter Added the self deletion article to the malware snippets To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added a year in review for 2021-2022 to the miscellaneous chapter To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added Ghidra script to handle stack strings to the analysis scripts chapter To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader to the malware analysis chapter Changes Changed dnSpy to dnSpyEx in the Debugging Dot Net binaries article, since the original project is not actively developed anymore, whereas the fork is To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, … Read more

This update marks the fortieth to my Binary Analysis Course! The last update was on the 25th of July 2021, which is admittedly longer ago than I had hoped for. In the months between then and now, I reviewed every single article in the course. In the past, I had already reviewed some articles, which … Read more

Additions Added the Ghidra script to decrypt a string array in XOR DDoS article to the analysis scripts chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added the Debugging Dot Net binaries article to the common techniques chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added the a year in review: 2020-2021 article to the miscellaneous chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.

Additions Added the Ghidra script to decrypt strings in Amadey 1.09 article to the malware analysis chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.