2013 Day1P7 Life of Binaries: PE NT Header, Optional Header - vimore.org


The class materials are available at http://www.OpenSecurityTraining.info/LifeOfBinaries.html
Follow us on Twitter for class news @OpenSecTraining.
The playlist for this class is here: http://bit.ly/1cdrfel
The full quality video can be downloaded at http://archive.org/details/opensecuritytraining

Have you ever wondered what happens when a C program is compiled and executed on a system? This three-day class by Xeno Kovah will investigate the life of a binary from birth as C source code to death as a process running in memory being terminated.

Topics will include but are not limited to:

* Scanning and tokenizing source code.
* Parsing a grammar and outputting assembly code.
* Different targets for x86 assembly object file generation (e.g. relocatable vs. position-independent code).
* Linking object files together to create a well-formed binary.
* Detailed description of the Windows PE binary format.
* How Windows loads a binary into memory and links it on the fly before executing it.
* Detailed description of the Unix/Linux/BSD ELF binary format.

Along the way we will discuss the relevance of security at different stages of a binary's life, from how viruses *really* work, to the way in which malware "packers" duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).

Lab work will include:

* Using the new "Binary Scavenger Hunt" tool, which creates randomized PE binaries and asks randomized questions about the material you just learned!
* Manipulating compiler options to change the type of assembly which is output
* Manipulating linker options to change the structure of binary formats
* Reading and understanding PE files with PEView
* Using WinDbg to watch the loader resolve imports in an executable
* Using Thread Local Storage (TLS) to obfuscate control flow and serve as a basic anti-debug mechanism
* Creating a simple example virus for PE
* Analyzing the changes made to the binary format when a file is packed with UPX
* Using the rootkit technique of Import Address Table (IAT) hooking to subvert the integrity of a program's calls to external libraries, allowing processes to be hidden.

The prerequisites for this class are a basic understanding of C programming and compilation. This class is recommended for a later class on Rootkits (playlist: http://bit.ly/HLkPVG) as we talk about IAT Hooking, and required for a later class on malware analysis.


