Author Topic: I would like to learn to analyze botnets, what knowledge I need to obtain  (Read 1955 times)


Offline hostapler

  • NULL
  • Posts: 3
  • Cookies: -1
Sorry if this is the wrong category, please change the category, thanks.

I would like to learn to analyze botnets (endpoint, get tracks of the creator and other essential info). What knowledge do I need to obtain?
Can you refer me from starter to pro?
I prefer courses, but it's not a problem to learn from a book.
I know C, a bit of Assembly and PHP/MySQL.

Thanks, and sorry if I got the wrong category.

Offline Teapot

  • Peasant
  • *
  • Posts: 127
  • Cookies: -2
  • E-Book Whore
I prefer courses, but it's not a problem to learn from a book.

The force is strong in this one.

There is no "Beginner to Expert" course, you need to learn the individual pieces... individually. Through countless hours of research and reading you will compile the knowledge necessary to accomplish your goals.

I highly doubt you have the dedication required to do this, but if you do, look up Malware Analysis and Reverse Engineering.

P.S. You're not in the wrong category, you're on the wrong forum.

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
What Teapot said. There is no all-in-one premium tutorial guide package that will learn you everything. Far from it. It takes years of piecing together knowledge from far and wide. But seeing how you know C, a bit of Assembly and PHP+MySQL this should be no problem eh? ;)
« Last Edit: April 11, 2015, 05:04:55 pm by ande »
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline v32itas

  • Peasant
  • *
  • Posts: 123
  • Cookies: -4
  • coup de grâce
Sorry if this is the wrong category, please change the category, thanks.

I would like to learn to analyze botnets (endpoint, get tracks of the creator and other essential info). What knowledge do I need to obtain?
Can you refer me from starter to pro?
I prefer courses, but it's not a problem to learn from a book.
I know C, a bit of Assembly and PHP/MySQL.

Thanks, and sorry if I got the wrong category.

Well if you already know C then you should probably start learning it.
"There is nothing more deceptive than an obvious fact." - SH

“There was no such thing as a fair fight. All vulnerabilities must be exploited.”
― Cary Caffrey





Offline hostapler

  • NULL
  • Posts: 3
  • Cookies: -1
Why do you attack me immediately? I have dedication to learn; book, course, it doesn't matter. Can anyone refer me to some blogs to research or some older books? I am sorry if I say something wrong.

Please don't get me wrong, I would like to contribute to Malware Research, would like to reveal from some [server](bin) zombie computer, who and where is owner, I always follow people like Krebson, and others...

Thanks in advance

Offline ThePH30N1X

  • Peasant
  • *
  • Posts: 50
  • Cookies: 18
  • Java Programmer
Why do you attack me immediately? I have dedication to learn; book, course, it doesn't matter. Can anyone refer me to some blogs to research or some older books? I am sorry if I say something wrong.

Please don't get me wrong, I would like to contribute to Malware Research, would like to reveal from some [server](bin) zombie computer, who and where is owner, I always follow people like Krebson, and others...

Thanks in advance
With that mindset, you won't even make it off the runway.

Offline Teapot

  • Peasant
  • *
  • Posts: 127
  • Cookies: -2
  • E-Book Whore
Why do you attack me immediately?

We have not flamed you yet, I and the others are giving you warning shots.

1. Designing BSD Rootkits
2. Practical Malware Analysis
3. Rootkits: Subverting The Windows Kernel
4. Malware Analyst's Cookbook
5. The Art Of Computer Virus Research and Defense
6. The Rootkit Arsenal is another good one
7. The Giant Black Book of Computer Viruses

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
Botnets have a lot of techniques that will require you to have a good understanding of a lot of fields.
Personally I say get your RE gloves on, get some networking concepts solid, grab the nearest sample of a Botnet file and uncover away. For a challenge/something, keep up with the tech news and analyse the latest one the world is sweating about. Producing this info first will earn you entry to some closed circles and some good friends who will teach you even more. Look up some malware IRC channels and chat away.
If you can't explain it to a 6 year old, you don't understand it yourself.

Offline ISLR

  • NULL
  • Posts: 2
  • Cookies: 0
Botnets have a lot of techniques that will require you to have a good understanding of a lot of fields.
Personally I say get your RE gloves on, get some networking concepts solid, grab the nearest sample of a Botnet file and uncover away. For a challenge/something, keep up with the tech news and analyse the latest one the world is sweating about. Producing this info first will earn you entry to some closed circles and some good friends who will teach you even more. Look up some malware IRC channels and chat away.

->

Start with ASM in x86 and thumbARM and Pseudocode (to study any class of programming language u don't know). Then the techniques, u have a lot of books out there, then make a paper for yourself, then if u want u can 766 it.

 ;)

Offline hostapler

  • NULL
  • Posts: 3
  • Cookies: -1
Thanks everyone, will first start with ebooks, then who knows :)

Offline Teapot

  • Peasant
  • *
  • Posts: 127
  • Cookies: -2
  • E-Book Whore
Thanks everyone, will first start with ebooks, then who knows :)

Just remember that your end goal requires knowledge in multiple fields. Do not expect it to all come to you at once and do not expect it to happen overnight.

My recommendation so you do not lose your drive is to tackle each step individually and to enjoy the "abilities" that come with each skill as you progress. Choose your first ones based upon what would be funnest to practice and use so you have something to do when you are sick of learning whatever it is you are currently tackling.

Offline ColonelPanic

  • Serf
  • *
  • Posts: 27
  • Cookies: 7
If you'd like a guided introduction, this course may help you understand (some of) what you need to learn:


https://www.coursera.org/course/malsoftware




Offline nozzlechunks

  • Serf
  • *
  • Posts: 22
  • Cookies: -3
To the OP:

If you want to learn how botnets work, buy one! Here's a crappy one for cheap:

http://www.worldwiredlabs.com/

Buy it, play with it. It's perfectly legal in a lab. You can also look for YouTube videos on Netwire to see the basics:

- A builder, to create, configure, and compile your payload.
- A management console, to manage all the victim boxes calling back.

Seriously, learn the botnet ecosystem by creating and managing your own botnet. THEN start hammering on the skills once you get the big picture.


BITCHY EDIT: Really? Someone stole a cookie over this? I guess Sun Tzu was wrong when he said "know thy enemy?"

SUBSTANTIVE EDIT: You can also look for KINS Builder 2.0.0.0, which had its source code leaked recently in supposedly "criminal forums" that were totally easy to find and join. Not as user friendly as the "supported" stuff like Netwire, but it's free, and it's the real deal.
« Last Edit: July 09, 2015, 08:30:23 pm by nozzlechunks »