This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
REMA
A complete learning track covering static and dynamic malware analysis, reverse engineering of binaries, and incident response — built around real samples and case studies.
Course Instructor: Ashish Revar
Unit 1
Foundational concepts: malware taxonomy, analysis approaches, reverse engineering basics, x86 architecture, assembly language, and debugging methodology.
Unit 2
The analysis environment, PE file structure, static property examination, process memory layout, behavioural analysis, and exploit mitigations.
Unit 3
Assembly logic structures, control flow analysis, Windows API patterns in malware, DLL analysis, code injection, API hooking, Living-off-the-Land, and x64 analysis.
Unit 4
Malicious websites, drive-by downloads, JavaScript de-obfuscation, malicious PDFs, RTF exploitation, and Microsoft Office macro malware.
Unit 5
Packed malware identification, manual unpacking, obfuscated PowerShell, fileless malware, code injection, memory forensics, sandbox analysis, and network signatures.
Unit 6
Debugger detection, VM and sandbox detection, embedded data protection, code misdirection, advanced unpacking, and evasion beyond packing.
Unit 7
A capstone unit that ties the technical content of Units 1-6 to the analyst workflow expected in industry: IOC extraction and pivoting, MITRE ATT&CK technique mapping, and writing the analysis report that becomes the deliverable to defenders and decision-makers.