June 2018
Beginner
510 pages
13h 7m
English
Content preview from Learning Malware Analysis
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
4. Debugging a .NET Application
When performing malware analysis, you will have to deal with analyzing a wide variety of code. You are likely to encounter malware created using Microsoft Visual C/C++, Delphi, and the .NET framework. In this section, we will take a brief look at a tool called dnSpy (https://github.com/0xd4d/dnSpy), which makes analyzing .NET binaries much easier. It is quite effective when it comes to decompiling and debugging a .NET application. To load a .NET application, you can drag and drop the application into dnSpy, or launch dnSpy and select File | Open, giving it the path to the binary. Once the .NET application has loaded, dnSpy decompiles the application, and you can access the program's methods and classes in the ...