In this video I show how to reverse encoded shellcode in IDA with the help of a new feature of the tiny_tracer tool.
You will see methods that shellcode very often uses to resolve API function addresses by parsing the TEB, the PEB, the export directory and other structures.
The video covers generating shellcode, converting shellcode to an exe, IDA debugging, applying structures in IDA, and using tiny_tracer and the cports tool.
Video: [Reversing encoded shellcode [IDA debugging, tiny_tracer, structures_applying]]
Samples to download:
[Encoded Shellcode from video "shellcode.sc"]
[Non-malicious sample "malware.exe" to be downloaded and executed via shellcode]
[Encoded "shellcode.sc" converted to exe "shellcode.exe"]