[エデュウィルホワイトハッカー養成過程] APTマルウェア

[Lecture Review] It was a really rewarding and fun lecture. I had two concerns while studying security. 1. Will I be able to naturally integrate and use fragmentary basic knowledge? 2. How would an actual attacker think? I think this lecture provides a way to solve the two fundamental concerns above, even within a limited time. 1. Will I be able to naturally integrate and use fragmentary basic knowledge? 1-1. I read [Windows System Programming] [Operating System] books, but I was able to see with my own eyes whether the actual code really operates on this basis. 1-2. I know [C/C++] to some extent, but I only knew how it is used in other fields (game programming, graphics, etc.), so I learned that it is used in this way in the security field. 1-3. I read books related to [Reversing] and [Malware Analysis], but when I studied reversing, I only followed assembly and thought, 'There are such techniques' It was at that level. It was a really helpful lecture from a reversing perspective because I was able to learn how the assembly is structured through debugging the code I made myself. 2. What would an actual attacker think? I looked at the MITRE ATTACK Matrix to learn about attack scenarios and techniques, and implemented some of them directly into code. When I thought about security, I had a vague defensive and passive stance, but I was able to learn what the attacker's concerns are and how to implement them by following along one by one. Before implementing the APT code, the lecture provides a very long explanation of the necessary background knowledge, but this lecture consists of projects that can be challenged more easily if you have some basic knowledge. Of course, as emphasized in the lecture, it will take more time to debug it yourself after the lecture and implement it yourself again, but it was a lecture that gave me a direction for what to do in the future. [I think the lecture could be improved] 1. It would be good to have a slightly more organized script for each lecture. Since you emphasize important content, the explanations often become long and verbose, so the lectures often become long. I think the quality will improve if you lecture with a slightly more refined script. 2. It would be better to use an app like Microsoft Whiteboard rather than Paint. In fact, most of the theory is conducted in PPT, so there was no problem at all, but I would like to suggest another app with a better handwriting interface than Paint. 3. It would be good if the lecture materials could be downloaded all at once as a single zip file. 4. It would be good to receive the completed solution files as learning materials. When I paused and followed along line by line, it worked normally, but I was confused when an error occurred that was not mentioned in the lecture. (Of course, I solved it by Googling.) So I would like to download the completed solution files.