Analyse de malware

Analyse de malware spécifiquement pour Windows.

Références

• Dans les coulisses de Microsoft Windows
• MalAPI.io maps Windows APIs to common techniques used by malware.
• Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
• VX Underground
• Collection of Native API header files has been maintained since 2009 for the System Informer project
• Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks.

Documentation Windows utile

• Coding Style Convention
• Linker options