3 Commits

Author | SHA1 | Message | Date

tobias | 6349c3aa8e | Add malware patterns cheat sheet and book index | 2026-03-31 08:41:30 +02:00

04-malware-patterns.md: API→technique mapping, packer recognition,
anti-analysis assembly patterns, shellcode indicators, document
malware indicators, quick-reference lookup tables.

05-book-index.md: A-Z index of every tool, concept, API, technique,
and malware sample in the FOR610 course with book line numbers and
workbook lab references for quick lookup.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

tobias | 0a00835493 | Add malware patterns & recognition exam cheat sheet | 2026-03-31 08:24:45 +02:00

Covers: technique identification by API sequence (process hollowing,
code injection, DLL injection, .NET reflective loading, hook-based
injection, resource droppers), packer recognition (UPX, entropy,
section names, tail jump, breakpoint strategies), anti-analysis
patterns (IsDebuggerPresent, PEB, SEH, TLS, RDTSC, tool detection),
shellcode indicators (NOP sled, GetEIP, PEB walk), document malware
indicators (PDF keywords, VBA triggers, RTF exploits), and two
quick-reference tables mapping APIs→techniques and assembly→behavior.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

tobias | 1d2427415e | Add FOR610 exam cheat sheets (tools, assembly, Windows APIs) | 2026-03-29 22:24:55 +02:00

Three markdown cheat sheets for exam preparation:
- 01-tools.md: All analysis tools with descriptions, platforms, book
  section refs, and key pipe chains
- 02-assembly.md: x86/x64 registers, instructions, calling conventions,
  stack frames, control flow, anti-analysis patterns
- 03-windows-apis.md: All Windows APIs by category with DLLs, malware
  use cases, and technique-to-API mapping table

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>