Tuesday, June 21, 2011

Passed GIAC GREM Exam


Hey guys, I passed GIAC GREM this June 05, 2011. GREM is the Reverse Engineering Malware [ SANS 610 class ]. I find the RE stuff pretty cool. You get to learn how to analyze web, doc, pdf, and flash based malware; plus the fundamentals of exploit dev, vectors and similar sexy dope.



If you have any questions, feel free to comment n ask here.

Cheers!

Edit: A lot of people have been emailing me asking the suggestions on self-study resources for GREM. So, I am updating this post with my response info. 

Hope you will find it useful.
Malware Analyst's cookbook is a great resource for GREM exam preparation. Also check out Lenny Zeltser's website for articles, posts, and other information. Go join in Offensive computing website and get your hands dirty with the malware specimens. Apart from these, I would also encourage to go through my blog posts dissecting a bot specimen using the RE methodology and RE tools. 
From the exam perspective, when you purchase the exam, you will also receive 2 practice tests. These tests will give you a fair idea on the type of questions, & depth expected in the exam. For a list of topics that GREM covers, please refer to GREM exam link.
The links are as follows:
1. Lenny Zeltser's website: zeltser.com
2. Offensive Computing website: http://offensivecomputing.net/
3. GREM Topics: http://www.giac.org/certification/reverse-engineering-malware-grem
4. My blog posts covering bot analysis, patching malware, and manually unpacking a malware for analysis:
http://ipositivesecurity.blogspot.in/2011/07/analyzing-malware-begin.html
http://ipositivesecurity.blogspot.in/2011/07/analyzing-malware-slackbot-i.html
http://ipositivesecurity.blogspot.in/2011/07/analyzing-malware-slackbot-ii.html
http://ipositivesecurity.blogspot.in/2011/08/analyzing-malware-patching-in-way.html
http://ipositivesecurity.blogspot.in/2011/08/analyzing-malware-manually-unpacking.html

Disclaimer

The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.