Windows Instrumentation With Frida
- Buy now
- Learn more
Introduction

Introduction
Binary Ninja License & Course Materials
Environment Setup
API Instrumentation

Well-Known Tools
Lab 1: Evaluating ProcMon & APIMonitor
Frida API Tracing
Lab 2: Frida Trace
Lab 2: Lab Guide
Introducing Fermion

Introducing Fermion
Lab 3: Fermion
Lab 3: Lab Guide
Hooking to -> Change Application Behaviour

Changing Application Behaviour
Lab 4: Manipulating Message Boxes
Lab 4: Lab Guide
Hooking to -> Inspect Data

Inspecting Application Data
Lab 5: Shoulder Surfing Terminal Sessions
Lab 5: Lab Guide
Hooking to -> Hide Data

Hiding Application Data
Lab 6: Hooking the API
Lab 6: Lab Guide
Traversing In-Memory Data Structures
Lab 7: Pointer Arithmetic
Lab 7: Lab Guide
Abusing Data Parsers
Lab 8: Mischief Managed
Lab 8: Lab Guide
Lab 8: Quiz
Calling Native Functions

Calling Native functions
Lab 9: Going Native
Lab 9: Lab Guide
Case Study: Defeating Symantec 2FA

UX/UI Romance Story
Lab 10: A Window to the Heart
Lab 10: Lab Guide
API Automation
Lab 11: Automation
Lab 11: Lab Guide
Case Study: Antimalware Scan Interface (AMSI)

Antimalware Scan Interface (AMSI)
Lab 12: HAMSICONTEXT
Lab 12: Lab Guide
Binary Instrumentation With Stalker

Binary Instrumentation With Stalker
Lab 13: Stalker
Lab 13: Lab Guide
Case Study: Minesweeper

Finally something that matters, Minesweeper
Lab 14: Parsing Board State
Lab 14: Lab Guide
We must go deeper
Lab 15: Automation
Lab 15: Lab Guide
Case Study: DLL Side-Loading

DLL Side-Loading
Lab 16: LoadLibraryExW
Lab 16: Lab Guide
Unit Testing
Lab 17: In-Memory Unit Testing
Lab 17: Lab Guide
PwnAdventure3 Introduction

It's only Game -> PwnAdventure3
Lab 18: Jump Mechanics
Lab 18: Lab Guide
__thiscall Calling Convention
Lab 19: Accessing __thiscall Objects
Lab 19: Lab Guide
Implementing A "Cheat Engine"

Repurposing Application Functionality
Lab 20: Talk talk talk
Lab 20: Lab Guide
Symbol Analysis
Lab 21: Porting to our "Cheat Engine"
Lab 21: Lab Guide
Leveraging Native Game Functionality

Traveling Fast, Traveling Far
Lab 22: Teleportation
Lab 22: Lab Guide
What about p0wn?
Lab 23: Bears With Guns
Lab 23: Lab Guide
Alternate p0wnage -> I Take No Damage
Alternate p0wnage -> The Birds and the Bears
Bonus p0wnage -> Loot Goblin
Advanced Data Structures

PwnAdventure3 Server Setup
C++ Map Containers
Lab 24: Leaking the ClientWorld
Lab 24: Lab Guide
Traversing Red/Black Trees In Memory
Lab 25: Reading the ClientWorld
Lab 25: Lab Guide
Hooking Network Traffic

Overtrained, Overspecialized
Lab 26: Dumping Packets
Lab 26: Lab Guide
Implementing the Network Protocol
Lab 27: Parsing Packets
Lab 27: Lab Guide
Course Review

Course Review
Course Feedback

Case Study: Antimalware Scan Interface (AMSI)

This is the second of our case studies, here we will see how we look at how AMSI works. We will evaluate how AMSI works and see how we can use Frida to dump elements the AMSI data structure. We will also see how we can manipulate the result of the AMSI call.

3 Lessons