MALWARE ANALYSIS // How to get started with John Hammond

Подписаться 2,5 млн

Просмотров 288 тыс.

50% 1

The amazing John Hammond tells us how to get into Malware Analysis. Learn about jobs, what you need to know and much more!
Menu:
0:00 ▶️ Pretty sketchy stuff!
0:37 ▶️ Welcome John Hammond
0:53 ▶️ Don't divide cyber in your mind
2:00 ▶️ John's day job
3:17 ▶️ Hacker's crafty methods
4:02 ▶️ Will AI take jobs away?
4:55 ▶️ How do I become like you?
5:35 ▶️ Windows is very important
6:12 ▶️ Malware vs CTFs
6:32 ▶️ Is Malware mainly on Windows systems?
7:28 ▶️ Always comes back to the same thing
8:50 ▶️ Practical Example
9:29 ▶️ John's setup
11:42 ▶️ Python malware example
12:50 ▶️ Malware code
15:50 ▶️ Bad guys can sell this information
16:30 ▶️ But this is in the clear?
17:14 ▶️ Obfuscated version
18:28 ▶️ Real world? Don't want to touch disk
19:50 ▶️ How do I find this stuff
20:58 ▶️ Weird Spam SMS messages
21:30 ▶️ Real World: Finding malware
23:42 ▶️ John's real world company example
24:20 ▶️ Real world logic to find malware
25:23 ▶️ Detectors
25:48 ▶️ Hunting malware
26:25 ▶️ Use your eyes - don't trust an automated systems
27:15 ▶️ Input from other systems
27:49 ▶️ How do I become like you?
28:00 ▶️ What kind of skills would you look for in a person to get a job
29:24 ▶️ Look at malware sites
30:15 ▶️ Build out a library
30:38 ▶️ David pushes John for a job on LinkedIn
33:05 ▶️ How did John get his job?
33:30 ▶️ Use social media
34:31 ▶️ How John got his first job
35:55 ▶️ It's who you know, not what you know
36:30 ▶️ How John got his current job
38:19 ▶️ Would you hire someone with certs; or someone you know
39:50 ▶️ Windows bat script example
45:08 ▶️ Which languages does John know
45:38 ▶️ How do you know if it is good or bad code?
46:45 ▶️ Office Macros Malware Example
50:40 ▶️ Cool Linux command
51:26 ▶️ Is this a good job? Are there lots of job?
52:30 ▶️ What hours do you work?
53:31 ▶️ Any books you recommend?
John Hammond Playlist: davidbombal.wiki/johnhammond
====================
Web Sites mentioned:
====================
Use at your own risk:
vx-underground: / vxunderground
theZoo: / vxunderground
Malware Bazaar: bazaar.abuse.ch/
Joe Sandbox: www.joesecurity.org/
Any run: any.run/
VirusTotal: www.virustotal.com/gui/home/u...
======
Books:
======
The IDA Pro Book: amzn.to/3DtEATW
Black Hat Go: Go Programming For Hackers and Pentesters: amzn.to/3gISKa4
Black Hat Python: Python Programming for Hackers and Pentesters: amzn.to/3ta50FH
Python Pocket Reference amzn.to/3mQPME2
Linux Pocket Guide: Essential Commands: amzn.to/2UWBwya
Regular Expression Pocket Reference: amzn.to/3gJoP1f
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali: amzn.to/3Ds22Rq
================
Connect with me:
================
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
RU-vid: / davidbombal
================
Connect with John:
================
RU-vid: / johnhammond010
Twitter: / _johnhammond
LinkedIn: / johnhammond010
malware
malware analysis
cybersecurity
cybersecurity jobs
hacking
ethical hacking
hacking jobs
john hammond
hack the box
try hack me
htb
thm
cyber security career
cybersecurity
cybersecurity careers
ceh
oscp
ine
oscp certification
ctf for beginners
first job
cybersecurity job
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#malware #hacking #cybersecurity

Наука

Опубликовано:

13 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 343

@davidbombal 2 года назад

Menu: 0:00 ▶ Pretty sketchy stuff! 0:37 ▶ Welcome John Hammond 0:53 ▶ Don't divide cyber in your mind 2:00 ▶ John's day job 3:17 ▶ Hacker's crafty methods 4:02 ▶ Will AI take jobs away? 4:55 ▶ How do I become like you? 5:35 ▶ Windows is very important 6:12 ▶ Malware vs CTFs 6:32 ▶ Is Malware mainly on Windows systems? 7:28 ▶ Always comes back to the same thing 8:50 ▶ Practical Example 9:29 ▶ John's setup 11:42 ▶ Python malware example 12:50 ▶ Malware code 15:50 ▶ Bad guys can sell this information 16:30 ▶ But this is in the clear? 17:14 ▶ Obfuscated version 18:28 ▶ Real world? Don't want to touch disk 19:50 ▶ How do I find this stuff 20:58 ▶ Weird Spam SMS messages 21:30 ▶ Real World: Finding malware 23:42 ▶ John's real world company example 24:20 ▶ Real world logic to find malware 25:23 ▶ Detectors 25:48 ▶ Hunting malware 26:25 ▶ Use your eyes - don't trust an automated systems 27:15 ▶ Input from other systems 27:49 ▶ How do I become like you? 28:00 ▶ What kind of skills would you look for in a person to get a job 29:24 ▶ Look at malware sites 30:15 ▶ Build out a library 30:38 ▶ David pushes John for a job on LinkedIn 33:05 ▶ How did John get his job? 33:30 ▶ Use social media 34:31 ▶ How John got his first job 35:55 ▶ It's who you know, not what you know 36:30 ▶ How John got his current job 38:19 ▶ Would you hire someone with certs; or someone you know 39:50 ▶ Windows bat script example 45:08 ▶ Which languages does John know 45:38 ▶ How do you know if it is good or bad code? 46:45 ▶ Office Macros Malware Example 50:40 ▶ Cool Linux command 51:26 ▶ Is this a good job? Are there lots of job? 52:30 ▶ What hours do you work? 53:31 ▶ Any books you recommend? John Hammond Playlist: davidbombal.wiki/johnhammond ================== Web Sites mentioned: ================== Use at your own risk: vx-underground: twitter.com/vxunderground theZoo: twitter.com/vxunderground Malware Bazaar: bazaar.abuse.ch/ Joe Sandbox: www.joesecurity.org/ Any run: any.run/ VirusTotal: www.virustotal.com/gui/home/upload ====== Books: ====== The IDA Pro Book: amzn.to/3DtEATW Black Hat Go: Go Programming For Hackers and Pentesters: amzn.to/3gISKa4 Black Hat Python: Python Programming for Hackers and Pentesters: amzn.to/3ta50FH Python Pocket Reference amzn.to/3mQPME2 Linux Pocket Guide: Essential Commands: amzn.to/2UWBwya Regular Expression Pocket Reference: amzn.to/3gJoP1f Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali: amzn.to/3Ds22Rq ================ Connect with me: ================ Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: ru-vid.com ================ Connect with John: ================ RU-vid: ru-vid.com Twitter: twitter.com/_johnhammond LinkedIn: www.linkedin.com/in/johnhammond010

@reastle1307 2 года назад

i got exited from only intro

@tsaltslinger3268 2 года назад

Thank you, Mr Bombal.

@roshantiwaree7617 2 года назад

David Sir.. I am a student. I want to start my career in cybersecurity specially bug bounty hunting. Please 🥺 suggest me how do I start my journey in cybersecurity. Please 🙏 reply 🥺

@geekmuralin Год назад

Thank you

@saroarahmed7764 2 года назад

Yo David, just wanted to thank you for the free courses on Udemy! Being from Bangladesh 🇧🇩 it is difficult (not impossible) for us to make international transaction legitimately through a bank. So, your free courses are kinda life saver!!! So thank you very much!!!

@davidbombal 2 года назад

I'm really happy to hear that I could help you Saroar 😀

@itsme7570 2 года назад

That's awesome, David you were a major factor in me signing up for school so thank you for that sir

@toioburrahman7864 2 года назад

Are you Bangladeshi?

@rubayethassan5615 2 года назад

Saroar Ahmed.....glad to have you in that channel...I don't know why our Bangladeshi people's don't watch these channels....

@toioburrahman7864 2 года назад

@@rubayethassan5615 where is your house in Bangladesh?

@MisterK-YT 2 года назад

I love the conciseness of this channel. Timestamps, no time wasted, doesn’t talk _too_ much. 👌

@Nicrophelia 9 месяцев назад

These “old” videos are so under utilized by people trying to get into the industry, this one is a GEM. Seeing where the people I look up to were a couple years ago is super inspiring! One of my favorite parts about both of you is your pursuit of learning, thank you for creating!

@halfdemon88 Год назад

Every time I have a question about something I want to know, you've got a video about it. Thx, bud

@TylerRake141 2 года назад

My two favorite IT teachers in one video ? Hell yes!! 🔥

@davidbombal 2 года назад

Thank you Aftab!

@RAZREXE 2 года назад

This is GOLD! I cannot thank you enough David and John, you are the best!

@SpaceOfSoul23 2 года назад

Thank you so much for covering this. I’m on my own journey of getting into cyber security, and have been growing a big interest in malware analysis. I’ve asked around and no one knew what I was talking about. Was getting really discouraged, thanks!!!

@gueroloco8687 2 года назад

Love John Hammond and you as well David!! Thanks so much for the help!!!

@anshumishra9368 2 года назад

John and David, has something special about our future

@keirnbug8762 2 года назад

Man, everything I watch some of your stuff, I always end up going down a different rabbithole , inspireing and fun !

@jeezboi5079 2 года назад

These guys are pro in their field and they are so humble and down to earth

@akan1783 2 года назад

What I like about you David is that you ask very relevant questions! Keep it up

@davidbombal 2 года назад

Thank you Akan

@aviano5 2 года назад

David you are the best of best. It is hard to find someone like you, who gives amazing courses for free and all these video tutorials. As a cyber security undergraduate, I'm really thankful to you for all your efforts. Wish you best of luck Dav. ❤️💯

@shanecoursen 2 года назад

It's nice to see the new guard. Enjoying your vids, David. Thank you.

@Sparerime 2 года назад

To me,this is a gold mine! Thank you guys for taking time and educate us 👌🏻👍🏻

@raginranga3494 2 года назад

Many thanks to yourself, John and all your guests for providing Insight 🙏🇦🇺

@MoonarkGG 2 года назад

I always disable my adblock and watch the ads on david videos, thanks for the free courses and the amazing content on youtube

@mbm6048 2 года назад

Its Finally here,Malware Analysis, Thank you David. Would be nice if you released a Full udemy course on Malware analysis

@Matheus-lk9lh 2 года назад

Wow, I never see a course cover this topic, thank you David

@dharunkanna5261 2 года назад

Wow David ! really excited with JH series 🥳❤

@mohammed9033 2 года назад

Hey David. Thanks a ton for this, would request you for more such podcasts

@infotechyeti 2 года назад

Great video and appreciate his presentation. Great to see the way how one has to comb through the script to see the malicious process being executed.

@samerkia 2 года назад

I've really been wanting/hoping for something such as this! Thank you so much!!!

@davidbombal 2 года назад

Thank you Samerkia! You're welcome!

@viv_2489 2 года назад

David thank you for raising all valid questions which one or other may get..

@ibrahimabdeltawab6418 Год назад

Thanks so much David and John ❤

@paradoxicaluniverse 2 года назад

Thanks to the universe for 2 good guys like you two. Thanks guys!

@karanb2067 2 года назад

I really look up to you and John, glad you discussed this :)!!

@guilherme5094 2 года назад

That was great. Thanks David and John.

@alaahaider 2 года назад

Great interview, and so much info. Thank you David. I loved the way John broke down the powers hell code in vscode. I find it very useful and smart tip.

@iftikharhusain1 2 года назад

Hey David thank you so much for the efforts that you put Big thanks 👍

@scottym50 2 года назад

That was a fantastic video. Thanks to the both of you for taking the time to share ed that wealth of information to everyone. Thank you again, I never fail to not learn something from your videos.

@TalsonHacks 2 года назад

As a pentester, I would like to see more of malware analysis and blue team stuff.

@MilesReeceActual 2 года назад

David you have the best content on cyber security by far. There is no one even close! Congratulations

@davidbombal 2 года назад

Thank you! You are very kind to say that 😀

@Alain9-1 2 года назад

What an amazing episode with David and john

@yamitvargas8065 2 года назад

David, once again, Thanks so much, as always great materialand Thanks and amazing job to John Hammond.

@davidbombal 2 года назад

Thank you so much for your support Yamit!

@andre9036 2 года назад

Shamshing content by Sir David and John. Thank you for sharing this. Superb!

@bustsomecaps 2 года назад

really cool show im just learning python and studying sec+ atm very interesting and informative, like a newbie can understand such a nice show you two do :)

@XtremuZ 2 года назад

Great content, thanks for this collab!

@RickHenderson 2 года назад

Really useful, thanks. As a teacher trying to find work, it was almost difficult to have something to show to potential employers. But as a security Analyst maybe working towards malware analysis - really interesting that John mentions being so out there in the community actually being useful for job hunting. But then I'd have to be careful of NDA and make sure I don't do anything that might put me at cross purposes with my current employer.

@donnie1581 2 года назад

Loved this interview! you both are awesome!

@sp3ct3r71 2 года назад

great job mr.david badly wanted to see collobaration with john...thankz🥰❤🔥

@diamondnita1543 Год назад

John is a genius, I just love humble attitude.....

@TANKBM 2 года назад

We thank you, dear teacher, for your valuable efforts for us

@mckeanethomas3830 2 года назад

Nuff Respect @ David and @John. Thanks for these contents

@jessh6995 2 года назад

Good morning David!! Thank you for all you do!

@davidbombal 2 года назад

Good morning Jess. Thank you!

@pranavaraoperuvaje2089 2 года назад

Jhon and David together, that is amazing!!!!!! Big fan of you both also!! The video was amazing. Thank you

@davidbombal 2 года назад

Thank you Pranava!

@nallachi2913 2 года назад

I really thanks to both of you with lot of love ❤️❤️

@theodoremiskel4057 2 года назад

There's always great content on this channel. I went from Help desk to Network Admin to Security admin to IT manager from this channel. Thank you for providing these things to us.

@davidbombal 2 года назад

That's fantastic Theodore! Thank you for sharing 😀

@randyg666 2 года назад

Nice!!!

@Kicsa 2 года назад

Thanks for this insightful video!

@LightVibrationPresenseKindness Год назад

great content david! kudos to john

@poca1068 Год назад

David, thank you for being you!

@oiphellipe 2 года назад

David, your questions were perfect. Actually, those were the questions I would like to ask him, because I see John as an example to me. So, thanks for that. Great job. And John, you're a monster!!!! :)

@liviupopeanga6581 Год назад

Appreciate ! i have a test for crowdstrike advanced threat internship and info helps me getter the piece together ! great job guys !

@jwdory Год назад

Very interesting video! John just touched on how to set up a secure environment to investigate malware. A video with more detail on how to set up a secure environment would be of value.

@mangeshgupta5677 2 года назад

Awating for solar winds analysis , great job 👍❤️

@iamkaustubh 2 года назад

Hey David Thanks Man this interview was really very helpful for me i live in india just passed my Diploma in Computer Technology. I am following you since from last 6 months i just watched whole video without skipping anything it influenced me more to learn. Best wishes again David .🔥

@ibrahimyosif 2 года назад

great video, you should do more collabs like this.

@Bluedragon-co4kb 2 года назад

@David Bombal Hi David, thank you very much for sharing all your knowledge with special guests!! It helps us all alot in what we are all trying to learn! ^^ 😀

@commanderxcod9291 2 года назад

Again high level information thanks sir.

@m.almansoori9726 2 года назад

Well done and thanks for the amazing contents

@razorr1920 2 года назад

Hey, David. I take your paid courses on Udemy just for the reason that you're a great community uplifting power. My sincere appreciation for your efforts. Also, your sessions like this are quite enjoyable. Pls do keep them coming.

@dhammikadarshana1898 2 года назад

Great Thank you David.....

@Vercingetorix061983 Год назад

I would like to have three attributes of John that I really admire: his knowledge, that hair and that great smile

@hamzahouri8647 2 года назад

David you are great teacher, i follow you from Morocco. You are best and your course very helpful than university.

@vijayshinde8356 2 года назад

Yay! John is here too

@alvionjames5925 Год назад

So great content ...BEST!!👌👌

@jesussaeta8383 2 года назад

Wow David incredible stuff, Thank you you are incredible.....and Kudos to Mr. Hammond as well .....

@davidbombal 2 года назад

Glad you enjoyed it 😀

@supriyochatterjee4095 2 года назад

Great to see two of the very best together, it's a request if you can make a video regarding the latest scenarios and situations about "Dark Web" and all kinds of security and prevention methods to stay safe from "Dark Web", also have seen some videos on RU-vid about "Paranormal and Creepy" creatures on "Dark Web" so any relevant videos with proper information on whether they are real or not could be very interesting for all to know and explore

@jessh6995 2 года назад

David you have a heart of gold!

@davidbombal 2 года назад

Thank you Jess

@jenniferbatt3548 Год назад

Still working as of today, ty!

@chandranirmal2995 2 года назад

Tnx sir I watched full video . You are trying to help more people who r financially down. Great job sir tnx 🙏🙏🙏🙏 Love from Tamil Nadu India 🔥🔥🔥🔥👍👍👍👍🙏🙏🙏

@liderlink4113 Год назад

What I like about David Bombal is that he is here, on RU-vid, to learn and to teach. I really passionate about cybersecurity and you can really tell that he wants to learn. Respect!

@davidbombal Год назад

Thank you! We can all learn from each other :)

@cacurazi 2 года назад

8:16 John is so humble... god damn it John...

@bonnieblue-blade7376 2 года назад

Subscribed to John...💝

@stark6314 2 года назад

This is great🔥❤️🔥

@divakarbisht7951 2 года назад

Man I just Love David Collab with such Pros Keep up the good work David 🥳

@davidbombal 2 года назад

Thank you Divakar

@chathurakariyawasam8675 2 года назад

Most waited moment..! ❤

@hexoroid 2 года назад

Good learning video

@keitakeita7890 2 года назад

Thanks !

@kaushikkodeeswaran9918 2 года назад

Thank you sir

@oy9804 2 года назад

continue this course David because we need to know about Malwer Analysis also ❤️

@davidbombal 2 года назад

Thank you

@yave4algeria 2 года назад

Thank you David

@kostudas1 2 года назад

I LOVE John Hammond

@mrigankchanda4148 2 года назад

This is Gold!

@TamaRe Год назад

Hi David, love your content. I recently gained my ccna cert, wondering what to do next, I've only installed security cameras thus far which wasn't part of the course.. lol

@fahadbawazir1771 2 года назад

Good & Awesome, thanks

@davidbombal 2 года назад

Thank you Fahad!

@umangmishra7505 2 года назад

Thank you. you are future of next gen

@b33tleosint15 2 года назад

You did a great job david...fully respect you but can you make a video on creating CTFs

@ravirajsinhzala9535 2 года назад

Awesome mannn. Just amazing

@davidbombal 2 года назад

Glad you liked it!!

@mh6946 2 года назад

Good morning David, amazing video

@davidbombal 2 года назад

Glad you enjoyed it Hasan!

@bug_artist4736 2 года назад

Thank you sir great work very usefull

@davidbombal 2 года назад

You're welcome Yogesh!

@user-ek4yj1vg6g 2 года назад

wow we need more like these

@papealiouneniasse4842 2 года назад

Awesome content just like always

@davidbombal 2 года назад

Thank you!

@jeezboi5079 2 года назад

Such a great content

@mdynangel1123 2 года назад

Thank you guys really thanks for everything explain, contact ideas John and David best in the world

@godstimenkechi7779 10 месяцев назад

Astounding work *EXELASUPPORT* - so euphoric you are out there battling these failure. We recognize that ought to do all that we can for save the more settled and the overall people from these contemptible mutts! Approval to YOU!! You merit the Nobel prize for safeguarding us epic up family

@knightwanter 2 года назад

Thankyou so much sir 😀

@abdulbasitmuhammed2798 2 года назад

David really you are great this video is awesome it's full knowledge

@davidbombal 2 года назад

Really happy to hear that!

@mahendrakathe 2 года назад

This was a great insight in malware stuff , at least a good content to start with , I would like to thank you both David and John for bringing this to your viewers. However I have one question for both of you here , as john was showing he has collected all those malware samples on his Linux(ubuntu) box , I hope there were no malware detection software like AV, end point security etc. , had that been a case we would have a hard time opening those files in editors and IDEs for analysis, Do you guys agree with me here ? . Since we are not protected in such environment what precaution we should take while doing analysis of these malware samples ? How do we deal with this malware samples in real world environment ? Do we have kind of some isolated environments or sandboxed environment where we analyze these samples ? . if yes , Can you guys pour some light on how to create such environment as a part of one's home lab ?