MALWARE ANALYSIS // How to get started with John Hammond
ฝัง
- เผยแพร่เมื่อ 20 มิ.ย. 2024
- The amazing John Hammond tells us how to get into Malware Analysis. Learn about jobs, what you need to know and much more!
Menu:
0:00 ▶️ Pretty sketchy stuff!
0:37 ▶️ Welcome John Hammond
0:53 ▶️ Don't divide cyber in your mind
2:00 ▶️ John's day job
3:17 ▶️ Hacker's crafty methods
4:02 ▶️ Will AI take jobs away?
4:55 ▶️ How do I become like you?
5:35 ▶️ Windows is very important
6:12 ▶️ Malware vs CTFs
6:32 ▶️ Is Malware mainly on Windows systems?
7:28 ▶️ Always comes back to the same thing
8:50 ▶️ Practical Example
9:29 ▶️ John's setup
11:42 ▶️ Python malware example
12:50 ▶️ Malware code
15:50 ▶️ Bad guys can sell this information
16:30 ▶️ But this is in the clear?
17:14 ▶️ Obfuscated version
18:28 ▶️ Real world? Don't want to touch disk
19:50 ▶️ How do I find this stuff
20:58 ▶️ Weird Spam SMS messages
21:30 ▶️ Real World: Finding malware
23:42 ▶️ John's real world company example
24:20 ▶️ Real world logic to find malware
25:23 ▶️ Detectors
25:48 ▶️ Hunting malware
26:25 ▶️ Use your eyes - don't trust an automated systems
27:15 ▶️ Input from other systems
27:49 ▶️ How do I become like you?
28:00 ▶️ What kind of skills would you look for in a person to get a job
29:24 ▶️ Look at malware sites
30:15 ▶️ Build out a library
30:38 ▶️ David pushes John for a job on LinkedIn
33:05 ▶️ How did John get his job?
33:30 ▶️ Use social media
34:31 ▶️ How John got his first job
35:55 ▶️ It's who you know, not what you know
36:30 ▶️ How John got his current job
38:19 ▶️ Would you hire someone with certs; or someone you know
39:50 ▶️ Windows bat script example
45:08 ▶️ Which languages does John know
45:38 ▶️ How do you know if it is good or bad code?
46:45 ▶️ Office Macros Malware Example
50:40 ▶️ Cool Linux command
51:26 ▶️ Is this a good job? Are there lots of job?
52:30 ▶️ What hours do you work?
53:31 ▶️ Any books you recommend?
John Hammond Playlist: davidbombal.wiki/johnhammond
====================
Web Sites mentioned:
====================
Use at your own risk:
vx-underground: / vxunderground
theZoo: / vxunderground
Malware Bazaar: bazaar.abuse.ch/
Joe Sandbox: www.joesecurity.org/
Any run: any.run/
VirusTotal: www.virustotal.com/gui/home/u...
======
Books:
======
The IDA Pro Book: amzn.to/3DtEATW
Black Hat Go: Go Programming For Hackers and Pentesters: amzn.to/3gISKa4
Black Hat Python: Python Programming for Hackers and Pentesters: amzn.to/3ta50FH
Python Pocket Reference amzn.to/3mQPME2
Linux Pocket Guide: Essential Commands: amzn.to/2UWBwya
Regular Expression Pocket Reference: amzn.to/3gJoP1f
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali: amzn.to/3Ds22Rq
================
Connect with me:
================
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
TH-cam: / davidbombal
================
Connect with John:
================
TH-cam: / johnhammond010
Twitter: / _johnhammond
LinkedIn: / johnhammond010
malware
malware analysis
cybersecurity
cybersecurity jobs
hacking
ethical hacking
hacking jobs
john hammond
hack the box
try hack me
htb
thm
cyber security career
cybersecurity
cybersecurity careers
ceh
oscp
ine
oscp certification
ctf for beginners
first job
cybersecurity job
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#malware #hacking #cybersecurity - วิทยาศาสตร์และเทคโนโลยี
Yo David, just wanted to thank you for the free courses on Udemy! Being from Bangladesh 🇧🇩 it is difficult (not impossible) for us to make international transaction legitimately through a bank. So, your free courses are kinda life saver!!! So thank you very much!!!
I'm really happy to hear that I could help you Saroar 😀
That's awesome, David you were a major factor in me signing up for school so thank you for that sir
Are you Bangladeshi?
Saroar Ahmed.....glad to have you in that channel...I don't know why our Bangladeshi people's don't watch these channels....
@@rubayethassan5615 where is your house in Bangladesh?
Menu:
0:00 ▶ Pretty sketchy stuff!
0:37 ▶ Welcome John Hammond
0:53 ▶ Don't divide cyber in your mind
2:00 ▶ John's day job
3:17 ▶ Hacker's crafty methods
4:02 ▶ Will AI take jobs away?
4:55 ▶ How do I become like you?
5:35 ▶ Windows is very important
6:12 ▶ Malware vs CTFs
6:32 ▶ Is Malware mainly on Windows systems?
7:28 ▶ Always comes back to the same thing
8:50 ▶ Practical Example
9:29 ▶ John's setup
11:42 ▶ Python malware example
12:50 ▶ Malware code
15:50 ▶ Bad guys can sell this information
16:30 ▶ But this is in the clear?
17:14 ▶ Obfuscated version
18:28 ▶ Real world? Don't want to touch disk
19:50 ▶ How do I find this stuff
20:58 ▶ Weird Spam SMS messages
21:30 ▶ Real World: Finding malware
23:42 ▶ John's real world company example
24:20 ▶ Real world logic to find malware
25:23 ▶ Detectors
25:48 ▶ Hunting malware
26:25 ▶ Use your eyes - don't trust an automated systems
27:15 ▶ Input from other systems
27:49 ▶ How do I become like you?
28:00 ▶ What kind of skills would you look for in a person to get a job
29:24 ▶ Look at malware sites
30:15 ▶ Build out a library
30:38 ▶ David pushes John for a job on LinkedIn
33:05 ▶ How did John get his job?
33:30 ▶ Use social media
34:31 ▶ How John got his first job
35:55 ▶ It's who you know, not what you know
36:30 ▶ How John got his current job
38:19 ▶ Would you hire someone with certs; or someone you know
39:50 ▶ Windows bat script example
45:08 ▶ Which languages does John know
45:38 ▶ How do you know if it is good or bad code?
46:45 ▶ Office Macros Malware Example
50:40 ▶ Cool Linux command
51:26 ▶ Is this a good job? Are there lots of job?
52:30 ▶ What hours do you work?
53:31 ▶ Any books you recommend?
John Hammond Playlist: davidbombal.wiki/johnhammond
==================
Web Sites mentioned:
==================
Use at your own risk:
vx-underground: twitter.com/vxunderground
theZoo: twitter.com/vxunderground
Malware Bazaar: bazaar.abuse.ch/
Joe Sandbox: www.joesecurity.org/
Any run: any.run/
VirusTotal: www.virustotal.com/gui/home/upload
======
Books:
======
The IDA Pro Book: amzn.to/3DtEATW
Black Hat Go: Go Programming For Hackers and Pentesters: amzn.to/3gISKa4
Black Hat Python: Python Programming for Hackers and Pentesters: amzn.to/3ta50FH
Python Pocket Reference amzn.to/3mQPME2
Linux Pocket Guide: Essential Commands: amzn.to/2UWBwya
Regular Expression Pocket Reference: amzn.to/3gJoP1f
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali: amzn.to/3Ds22Rq
================
Connect with me:
================
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: th-cam.com/users/davidbombal
================
Connect with John:
================
TH-cam: th-cam.com/users/johnhammond010
Twitter: twitter.com/_johnhammond
LinkedIn: www.linkedin.com/in/johnhammond010
i got exited from only intro
Thank you, Mr Bombal.
David Sir.. I am a student. I want to start my career in cybersecurity specially bug bounty hunting. Please 🥺 suggest me how do I start my journey in cybersecurity. Please 🙏 reply 🥺
Thank you
I love the conciseness of this channel. Timestamps, no time wasted, doesn’t talk _too_ much. 👌
These “old” videos are so under utilized by people trying to get into the industry, this one is a GEM. Seeing where the people I look up to were a couple years ago is super inspiring! One of my favorite parts about both of you is your pursuit of learning, thank you for creating!
This is GOLD!
I cannot thank you enough David and John, you are the best!
My two favorite IT teachers in one video ? Hell yes!! 🔥
Thank you Aftab!
David you are the best of best. It is hard to find someone like you, who gives amazing courses for free and all these video tutorials. As a cyber security undergraduate, I'm really thankful to you for all your efforts. Wish you best of luck Dav. ❤️💯
Thank you so much for covering this.
I’m on my own journey of getting into cyber security, and have been growing a big interest in malware analysis. I’ve asked around and no one knew what I was talking about. Was getting really discouraged, thanks!!!
To me,this is a gold mine! Thank you guys for taking time and educate us 👌🏻👍🏻
Every time I have a question about something I want to know, you've got a video about it. Thx, bud
Man, everything I watch some of your stuff, I always end up going down a different rabbithole , inspireing and fun !
Many thanks to yourself, John and all your guests for providing Insight 🙏🇦🇺
Love John Hammond and you as well David!! Thanks so much for the help!!!
These guys are pro in their field and they are so humble and down to earth
It's nice to see the new guard. Enjoying your vids, David. Thank you.
Really useful, thanks. As a teacher trying to find work, it was almost difficult to have something to show to potential employers. But as a security Analyst maybe working towards malware analysis - really interesting that John mentions being so out there in the community actually being useful for job hunting. But then I'd have to be careful of NDA and make sure I don't do anything that might put me at cross purposes with my current employer.
Wow David ! really excited with JH series 🥳❤
What I like about you David is that you ask very relevant questions! Keep it up
Its Finally here,Malware Analysis, Thank you David. Would be nice if you released a Full udemy course on Malware analysis
John and David, has something special about our future
Wow, I never see a course cover this topic, thank you David
Great video and appreciate his presentation. Great to see the way how one has to comb through the script to see the malicious process being executed.
As a pentester, I would like to see more of malware analysis and blue team stuff.
Thanks to the universe for 2 good guys like you two. Thanks guys!
Hey David Thanks Man this interview was really very helpful for me i live in india just passed my Diploma in Computer Technology. I am following you since from last 6 months i just watched whole video without skipping anything it influenced me more to learn. Best wishes again David .🔥
I always disable my adblock and watch the ads on david videos, thanks for the free courses and the amazing content on youtube
There's always great content on this channel. I went from Help desk to Network Admin to Security admin to IT manager from this channel. Thank you for providing these things to us.
That's fantastic Theodore! Thank you for sharing 😀
Nice!!!
I really look up to you and John, glad you discussed this :)!!
I've really been wanting/hoping for something such as this! Thank you so much!!!
Thank you Samerkia! You're welcome!
really cool show im just learning python and studying sec+ atm very interesting and informative, like a newbie can understand such a nice show you two do :)
Great interview, and so much info. Thank you David.
I loved the way John broke down the powers hell code in vscode. I find it very useful and smart tip.
That was a fantastic video.
Thanks to the both of you for taking the time to share ed that wealth of information to everyone.
Thank you again, I never fail to not learn something from your videos.
David, once again, Thanks so much, as always great materialand Thanks and amazing job to John Hammond.
Thank you so much for your support Yamit!
David thank you for raising all valid questions which one or other may get..
Hey, David. I take your paid courses on Udemy just for the reason that you're a great community uplifting power. My sincere appreciation for your efforts. Also, your sessions like this are quite enjoyable. Pls do keep them coming.
What an amazing episode with David and john
Jhon and David together, that is amazing!!!!!!
Big fan of you both also!!
The video was amazing.
Thank you
Thank you Pranava!
David, your questions were perfect. Actually, those were the questions I would like to ask him, because I see John as an example to me. So, thanks for that. Great job. And John, you're a monster!!!! :)
Hey David. Thanks a ton for this, would request you for more such podcasts
Shamshing content by Sir David and John. Thank you for sharing this. Superb!
Hey David thank you so much for the efforts that you put
Big thanks 👍
David you have the best content on cyber security by far. There is no one even close! Congratulations
Thank you! You are very kind to say that 😀
We thank you, dear teacher, for your valuable efforts for us
Great content, thanks for this collab!
John is a genius, I just love humble attitude.....
Good morning David!! Thank you for all you do!
Good morning Jess. Thank you!
That was great. Thanks David and John.
@David Bombal Hi David, thank you very much for sharing all your knowledge with special guests!! It helps us all alot in what we are all trying to learn! ^^ 😀
great job mr.david badly wanted to see collobaration with john...thankz🥰❤🔥
Loved this interview! you both are awesome!
What I like about David Bombal is that he is here, on TH-cam, to learn and to teach. I really passionate about cybersecurity and you can really tell that he wants to learn. Respect!
Thank you! We can all learn from each other :)
Tnx sir I watched full video .
You are trying to help more people who r financially down.
Great job sir tnx 🙏🙏🙏🙏
Love from Tamil Nadu India 🔥🔥🔥🔥👍👍👍👍🙏🙏🙏
Thanks so much David and John ❤
Very interesting video! John just touched on how to set up a secure environment to investigate malware. A video with more detail on how to set up a secure environment would be of value.
Nuff Respect @ David and @John. Thanks for these contents
Great to see two of the very best together, it's a request if you can make a video regarding the latest scenarios and situations about "Dark Web" and all kinds of security and prevention methods to stay safe from "Dark Web", also have seen some videos on TH-cam about "Paranormal and Creepy" creatures on "Dark Web" so any relevant videos with proper information on whether they are real or not could be very interesting for all to know and explore
David you are great teacher, i follow you from Morocco. You are best and your course very helpful than university.
Appreciate ! i have a test for crowdstrike advanced threat internship and info helps me getter the piece together ! great job guys !
I really thanks to both of you with lot of love ❤️❤️
David, thank you for being you!
Man I just Love David Collab with such Pros Keep up the good work David 🥳
Thank you Divakar
Wow David incredible stuff, Thank you you are incredible.....and Kudos to Mr. Hammond as well .....
Glad you enjoyed it 😀
I would like to have three attributes of John that I really admire: his knowledge, that hair and that great smile
continue this course David because we need to know about Malwer Analysis also ❤️
Thank you
David you have a heart of gold!
Thank you Jess
David, just wanted to thank you for everything ,,, i just passed my CCNA exam 2 hrs ago
Huge congratulations!! That is great news! Well done
great content david! kudos to john
great video, you should do more collabs like this.
Dear David thank you for all the free courses on Udemy. I'm benefiting a lot from these courses.......hoping to repay you back in future LOVE all the way from Sierra Leone...............
Awating for solar winds analysis , great job 👍❤️
Most waited moment..! ❤
Thanks for this insightful video!
Yay! John is here too
Well done and thanks for the amazing contents
This was a great insight in malware stuff , at least a good content to start with , I would like to thank you both David and John for bringing this to your viewers. However I have one question for both of you here , as john was showing he has collected all those malware samples on his Linux(ubuntu) box , I hope there were no malware detection software like AV, end point security etc. , had that been a case we would have a hard time opening those files in editors and IDEs for analysis, Do you guys agree with me here ? . Since we are not protected in such environment what precaution we should take while doing analysis of these malware samples ? How do we deal with this malware samples in real world environment ? Do we have kind of some isolated environments or sandboxed environment where we analyze these samples ? . if yes , Can you guys pour some light on how to create such environment as a part of one's home lab ?
Omg such an important topic david and John great work guys you are just making hacking with a robust approach . David please say thanks to John from me .
Thank you Sunil
You did a great job david...fully respect you but can you make a video on creating CTFs
Astounding work *EXELASUPPORT* - so euphoric you are out there battling these failure. We recognize that ought to do all that we can for save the more settled and the overall people from these contemptible mutts! Approval to YOU!! You merit the Nobel prize for safeguarding us epic up family
Again high level information thanks sir.
Hi devid it's great video but I waiting for video for WiFi adaptors increase a TX power use a main three factors 1.domain regularly code for a contry,2.hardware like usb port limitetion milliampere power power usb hub for increasing milliampere power and last 3. With wifi adaptor which type of attack we perform like package injection , vertual mobile towers type of bands we scan! Thank you!
Wow, What a coincidence!!!! just before a while I was searching for malware analysis videos... Also I am david and john's fan boy !!!, so I love this very much ...
Very happy to hear that Perumal
Thank you. you are future of next gen
Once somebody does Python, they may be finding some enjoyment in working with C++ or Rust or Win32 API in Python using CTypes for the purpose of Malware Analysis. Working "low-level" close to the metal will really help anyone's overall professional skills & and make even better network automation tools because low-level can do things that abstract libraries cant. The Malware Analysis spoke to me with the Win32 API being important in finding viruses in Assembly Language. Also, the free giveaway of Ethical Hacking made the previous hacking videos about Red & Blue team clearer
Hi David, love your content. I recently gained my ccna cert, wondering what to do next, I've only installed security cameras thus far which wasn't part of the course.. lol
I LOVE John Hammond
So great content ...BEST!!👌👌
This is great🔥❤️🔥
This is Gold!
Still working as of today, ty!
8:16 John is so humble... god damn it John...
again i wanna say this sir i love you learning alot of things
wow we need more like these
Great Thank you David.....
Awesome mannn. Just amazing
Glad you liked it!!
Awesome content just like always
Thank you!
Subscribed to John...💝
Thank you guys really thanks for everything explain, contact ideas John and David best in the world
I thought I will watch for two minutes switching between titles and here I am writing this comment after the end watching from starting to end without switching 😄.
That's how interesting it gets🎉
Fantastic! Happy to hear that 😀
Good morning David, amazing video
Glad you enjoyed it Hasan!
I love u man u are the best one on TH-cam ❤❤