EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

Lab notebook

Articles & writeups

In-depth analyses of malware samples, technique deep-dives, and lab notes from the field. Long-form, technical, no fluff.

All articlesAnalyst PracticeEducationMalware Deliverycloud-securitymalware-analysisresearch-methodology

46 articles in "Education" — page 2 of 6

Education

Fileless and Multi-Technology Malware

How fileless malware executes entirely in memory using PowerShell download cradles, .NET reflection, WMI event subscriptions, and registry-resident payloads — with detection strategies and multi-technology attack chain analysis.

12 May 202616 min
Read →
Education

Obfuscated PowerShell Scripts

Base64 encoded commands, string concatenation, compression streams, AMSI bypass techniques, Script Block Logging, and de-obfuscation tools — how to recover the cleartext payload from any PowerShell obfuscation layer.

12 May 202616 min
Read →
Education

Unpacking with a Debugger

The Original Entry Point concept, the ESP hardware breakpoint technique for finding it, and the Scylla workflow for dumping and rebuilding the Import Address Table into an analysable PE.

12 May 202618 min
Read →
Education

Identifying Packed Malware

The four structural indicators of packing, how packers work, common packer families from UPX to VMProtect, and how to use Detect-It-Easy to identify the packer before attempting to unpack.

12 May 202616 min
Read →
Education

Microsoft Office Macro Malware

VBA macro infection chains, document format identification, olevba analysis, P-Code, Excel 4.0 XLM macros, DDEAUTO, remote template injection, and malicious OneNote files — with a complete triage workflow.

12 May 202618 min
Read →
Education

Malicious RTF Analysis

RTF file structure, why attackers prefer it, CVE-2017-11882 and CVE-2017-0199, OLE object extraction with rtfobj, shellcode analysis with scdbg, and high-risk indicator recognition.

12 May 202615 min
Read →
Education

Malicious PDF Analysis

PDF file structure, attack vectors — embedded JavaScript, launch actions, embedded files — and a practical triage workflow using pdfid.py and pdf-parser.py to extract and analyse malicious content.

12 May 202616 min
Read →
Education

JavaScript De-obfuscation

How to recover the cleartext payload from obfuscated JavaScript using eval interception, browser DevTools breakpoints, and CyberChef — with patterns for Base64, string concatenation, character codes, and nested eval.

12 May 202614 min
Read →
Education

Malicious Website Analysis

Drive-by download attack chains, URL deception techniques, exploit kits, and safe investigation tools — how to analyse a suspicious URL without visiting it.

12 May 202614 min
Read →
Prev1234...6Next