Lessons
Step-by-step lessons across Reverse Engineering, Malware Analysis, Cloud Security, and more. Each episode pairs with articles, resources, and follow-up MCQ assessments in the 4Q course view.
12 lessons in REMA

One of the most common anti-analysis techniques — the MAC Address OUI check — and how to bypass it without touching the binary. Alter the .vmx configuration file from the host to spoof a physical MAC address and force the malware to detonate in your sandbox.

Signature detection is useless against code that shifts shape. How a mutation engine alters variable names and registers to change the file signature while leaving the malicious payload identical — and how modern behavioral sandbox analysis catches it.

Identifying packed binaries, manual unpacking with the ESP breakpoint, IAT reconstruction, and Volatility memory forensics workflow.

Living off the Land binaries, fileless execution, and the techniques attackers use to disappear into legitimate Windows processes.

A focused, single-topic walkthrough of process hollowing — the API sequence, the memory state at each step, and how to detect it.

Three landmark cases — Stuxnet, Colonial Pipeline, and REvil/Kaseya — paired with the code-level evasion taxonomy every analyst must know.

How attackers compromise targets through browsers and documents instead of executables. Drive-by downloads, weaponised PDFs and Office documents, JavaScript de-obfuscation.

How elite malware detects debuggers, identifies VMs, sabotages analysis, and protects embedded data — and how the analyst defeats each defence.

How malware injects code into other processes and intercepts function calls. The four major injection techniques and the three layers of API hooking.

The full pipeline from receiving a sample to producing a verdict, covering PE structure, hashes, IAT analysis, sandbox detonation, and persistence checks.

A deeper, more academic exploration of x86 internals, instruction encoding, the EFLAGS register, and the operand model.

Foundational lecture on what malware is, the three-question triage method, and the x86 fundamentals every analyst needs.