Yay, one of my favourite topics :) I'm still learning malware analysis, and here's what's helped me:
- Books: PMA, and then Malware Analyst's Cookbook, Exploits, Reversing books once you get going
- Tools: Remnux for static and a safe execution environment for dynamic[1]
- Samples from books and courses and CTFs .. virusshare is cool too, please seed!
- Online courses: The http://opensecuritytraining.info/Training.html material is all fantastic and free.
- Do follow the recommended paths (see img) if you don't know, say, x86 ASM, or you may get lost fast and not get as much out of it.
- Lena and Legend of Random tutorials on debugging and anti-anti
- I hear FOR610, the SANS reversing course, is really awesome to level you up once you get going
- Have goals in mind when you crack into a sample, especially if you plan to do it for work.
- The labs in PMA do a good job of starting you off here.
- Taking those questions and applying them to new samples is a good plan.
- Don't just read books, do the labs and then try out the new techniques immediately to make sure you got it.
- Sign up for free CTFs and get the samples, even if you can't work them today :)
- Ask for help when you are stuck. Here (dc404) is a fine place and there are some others.
- (echoing me elsewhere) If you do something, write it up and post it. Send a link to the list!
1: A recent scribble of my simple lab setup, all no cost, almost all free software: qd da lab Add Process Hacker to this :)
hth, gotta run to an exam,
adric