Malware analysis and reverse engineering is up there as a favorite with computer forensics. I am not sure if it is the investigative approach to malware analysis – finding out how these bad programs work, or the opportunity to hone my assembly programming skills.

• PCSL – Malware Research & Independent Testing of Security Software
• Frank Boldewin’s Reconstructor.org
• VX Heavens
• MC AV-Test site
• F-Secure News from the Lab Blog
• Open Reverse Code (OpenRCE)
• Uninformed (Reverse Engineering)
• Evilcodecave (Reverse Engineering)
• Microsoft Malware Protection Center
• McAfee Labs Blog
• Anti-Malware Testing Standards Organization
• Inguardians’ Spycar Spyware Simulator Tool
• Tracking GhostNet – Investigating a Cyber Espionage Network
• Malware Domain List
• Fighting Malware (URL List)
• Popular Malware Kits and Tools
• finjan Malicious Code Research
• IcePack Malware Kit
• If you are looking for a good spot to find some of the latest malware kits, have a look at Contagio – http://contagiodump.blogspot.ca/

Tools

• RECmd – RECmd is the command line component of Registry Explorer and opens up a remarkable capability to script and automate registry data collection. Tool that assists in finding Registry Malware Persistence with RECmd
• Timeline Explorer – a program that started out as a means to view mactime and Plaso generated CSV timelines without the need to use Excel. From these two formats, it has expanded into a tool that supports a wide variety of file formats generated by forensic tools in addition to any random CSV or Excel file you may run across.
• ApateDNS – A must when undertaking dynamic memory analysis. This tool is perfect for controlling DNS responses though an easy-to-use GUI.
• FLARE VM – FLARE VM is a Windows-based security distribution for malware analysis, incident response, and penetration testing.