I am complete noob in infosec, so after research on internet I came to know that assembly language and reverse engineering is mandatory for learning malware analysis but can we start learning it WITHOUT HAVING STRONG PROGRAMMING KNOWLEDGE…?
recently i started reading blogs related to RE and malware analysis but somethings are difficult to understand especially those related to programming.
I know that so many people must have asked this question here but im ot getting any exact solution on this.
How is malware Written ? : using programming languages , so it makes a lot of sense to learn/know programming languages , you cant break (or understand) stuff unless you know how to build them .
You can build both skills as you go, which is what I have been doing with some success. Reading guides on malware analysis, taking courses, etc. Following up with how it was built has allowed me to not really be very good at development, but to be able to audit/understand code and the disassembly I am studying to get what I need out of it. Learning to code as I break it down has most definitely slowed me down, but I think it has helped looking at both avenues with fresh eyes? It’s working out fine, so I’m happy with my progress.
Don’t let any lack of knowledge stop you from your pursuit, but don’t neglect it either. It’s harder and takes more focus and effort than my colleagues, which I can see, but I’m still effective and add value. You’ll be just fine. Google is my best friend.
To someone in your place I would recommend learning about how computers generally work, then picking up a low level programming language like C, a high level programming language like python and learning them inside out.
Having CS background and or experience with programming really helps since you then already understand how computers work, how different languages work and compile, software engineering practices etc…
Though it is definitely possible to start learning without having a strong programming knowledge, having a CS background and or experience with programming really helps since you already understand how computers work, how different languages work and compile, software engineering practices etc… but at the end you will just end up picking the stuff you didn’t learned before.
Everyone learns at a different pace, but if you invest few hours each day for next few years it will definitely pay off and you will gather good amount of knowledge to at least be able to apply on a junior position.