A comprehensive university course repository for learning malware analysis through hands-on labs and real-world samples.
RPISEC/Malware is a complete educational repository containing lecture slides, labs, projects, and real malware samples for a university-level malware analysis course. It teaches students how to detect, analyze, and understand malicious software through hands-on exercises using tools like IDA and OllyDbg. The course follows the Practical Malware Analysis book and covers topics from basic static analysis to advanced rootkit techniques.
Students and security enthusiasts with basic knowledge of C/C++ and assembly who want to learn practical malware analysis skills in a structured, academic format.
It provides a rare, complete university course curriculum developed by students for students, with real malware samples and comprehensive labs that bridge theoretical knowledge with practical application. Unlike generic tutorials, it offers a semester-structured approach with progressive difficulty.
Course materials for Malware Analysis by RPISEC
Offers 12 lectures and 10 labs that systematically cover malware analysis from basics to advanced topics like rootkits, as detailed in the lecture breakdown.
Provides hands-on analysis of actual malware samples, which are password-protected with 'infected', allowing practical experience in a safe, controlled environment.
Bundles essential tools like IDA Free, OllyDbg, and Wireshark in the releases package, easing setup for analysis exercises as listed in the tools section.
Includes four projects such as APT sample analysis and unpacking automation, enabling learners to apply skills in realistic scenarios outlined in the project breakdown.
Based on 2015 content, which may not reflect current malware trends or tool updates. The course abstract focuses on the contemporary malware of that era, which limits its relevance for modern analysis.
Lacks recorded demonstrations, forcing reliance on sparse slides and self-study, as admitted in the FAQ with 'Sadly we did not record any of the lectures'.
Requires configuring a Windows 7 32-bit virtual machine with proprietary software, creating a barrier to entry for quick starts, as noted in the Analysis Environment section.