CyberCode Academy

By CyberCode Academy

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity.
🎧 Each course is divided into a series of short, focused episodes that take you from beginner to ad... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about CyberCode Academy:

How many episodes does CyberCode Academy have?

The podcast currently has 212 episodes available.

CyberCode Academy episodes:

January 29, 2026Course 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 5: Identifying and Analyzing Cryptography in Malware
In this lesson, you’ll learn about:
Why Malware Uses Cryptography and Encoding
How encryption and encoding are used to conceal payloads, configuration data, and command-and-control traffic.
The difference between encoding (obfuscation for transport) and encryption (confidentiality and anti-analysis).
Why cryptographic protections are often the final barrier hiding a malware sample’s true behavior.
Common Encoding and Encryption Techniques
Simple schemes such as XOR loops and Base64 for lightweight obfuscation.
Strong cryptographic algorithms including AES and RC4 to protect embedded payloads and network communications.
How multiple layers of encoding and encryption are frequently combined to slow down analysis.
Identification Techniques
Entropy analysis to detect encrypted or compressed data, with high entropy values indicating strong obfuscation.
Searching for cryptographic constants and algorithm “magic values” used during initialization.
Import and library inspection to identify usage of cryptographic APIs or external crypto libraries.
Analysis Tools and Workflow
Using PE Studio for rapid triage to identify packing, suspicious imports, and anomalous strings.
Tracing decryption routines in IDA Pro to locate keys, loops, and payload-handling logic.
Leveraging dnSpy for .NET malware to view high-level encryption and decryption functions directly in decompiled code.
Deobfuscation Strategies
Dynamic analysis: pausing execution after decryption occurs to extract clean payloads or strings from memory.
Static reimplementation: recreating the decryption logic in scripts or plugins to automatically decode all protected data.
Choosing the fastest approach based on malware complexity and the analyst’s objectives.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
19min
January 28, 2026Course 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 4: Dynamic API Resolution: Walking the PEB and Parsing
In this lesson, you’ll learn about:
Why Malware Builds Its Own Import Tables
How bypassing static, dynamic, and runtime linking hides API usage from analysis tools.
Why this technique is especially valuable for shellcode, which executes without a normal Windows loader.
How custom API resolution breaks automated inspection and signature-based detection.
Locating System Libraries via the PEB
Accessing the Process Environment Block (PEB) through the FS register (offset 0x30).
Navigating PEB_LDR_DATA to enumerate loaded modules.
Walking linked lists such as InMemoryOrderModuleList to locate key DLLs.
Extracting the image base (DLL base address) from LDR_DATA_TABLE_ENTRY.
Manual Parsing of the PE Format
Using the e_lfanew field (offset 0x3C) to locate the NT Headers.
Navigating the PE Data Directory to find the Export Table.
Understanding the role of:
Address of Functions
Address of Names
Address of Name Ordinals
Checksum-Based API Resolution
Iterating through exported function names without storing them in cleartext.
Computing a checksum for each name at runtime.
Matching computed values against hard-coded checksums embedded in the malware.
Resolving the correct function pointer using ordinals and function address tables.
Indirect API Invocation
Storing resolved function addresses in a custom array.
Executing APIs via indirect calls (e.g., call eax) instead of named imports.
Why this completely hides functionality from the binary’s static import table.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
17min
January 27, 2026Course 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 3: Analyzing and Defeating String Obfuscation in Native
In this lesson, you’ll learn about:
String Obfuscation in Native Malware:
Why string analysis is significantly harder in native code compared to interpreted languages.
How compiled binaries store logic as machine instructions inside formats like the Portable Executable (PE), requiring reverse engineering rather than simple string extraction.
Core Native String-Hiding Techniques:
Stack Strings: Constructing strings dynamically on the stack using assembly instructions instead of storing them in readable sections of the binary.
Checksum-Based Resolution: Hiding API and file names by comparing runtime-generated hashes against hard-coded checksums to build dynamic import tables without exposing cleartext strings.
Encrypted Strings: Using encryption algorithms to keep strings unreadable until they are decrypted during execution.
Static Analysis and String Recovery:
Leveraging advanced extraction tools to recover stack strings that standard utilities cannot detect.
Manually reconstructing strings in disassembly tools by converting numeric byte values into ASCII characters.
Using cross-references (Xrefs) to confirm which functions are responsible for resolving APIs or decrypting strings.
Dynamic Analysis and Debugging:
Verifying static findings by stepping through execution in a debugger and observing register values and memory changes.
Inspecting memory with appropriate commands to correctly display Unicode or multi-byte strings that contain embedded null bytes.
Reversing Checksum Logic:
Tracing low-level assembly operations such as bit rotations (ROL) and XOR instructions used to generate hashes from strings.
Understanding normalization steps, such as converting strings to lowercase, to ensure consistent checksum comparisons across systems.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
16min
January 26, 2026Course 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 2: Analyzing and Defeating Obfuscation in VBA
In this lesson, you’ll learn about:
Obfuscation in Interpreted Code:
Why interpreted languages like VBA and PowerShell are still heavily obfuscated despite being easier to access than native binaries.
Common tactics such as junk instructions, string and object obfuscation, and nonsensical naming designed to slow analysis rather than prevent it.
Analyzing Malicious VBA Macros:
Extracting macro code from Office documents using stream-analysis tools.
Identifying execution entry points such as AutoOpen to understand how and when malicious logic is triggered.
Tracing string operations to uncover indicators of compromise, including URLs, dropped file names, and execution paths.
PowerShell Obfuscation and “Living off the Land”:
Understanding why attackers favor PowerShell for in-memory execution and stealth.
Capturing and decoding obfuscated commands, including Base64 payloads that rely on UTF-16 encoding.
Decompressing embedded payloads and inspecting runtime values as scripts de-obfuscate themselves.
Dynamic Analysis Techniques:
Using process and script inspection tools to observe PowerShell behavior at runtime.
Leveraging debugging environments to set breakpoints and examine variables at the exact moment hidden data is revealed.
Efficient Analysis Strategies:
Refactoring obfuscated scripts by renaming variables and functions for clarity.
Filtering out dead or irrelevant code to reduce noise.
Allowing malware to execute in a controlled environment so it reveals its own logic, saving significant analysis time.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
20min
January 25, 2026Course 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 1: Defeating Malware Obfuscation: Fundamentals, Impact
In this lesson, you’ll learn about:
The Purpose of Code Obfuscation:
Defining obfuscation as the practice of intentionally making software difficult to read or analyze.
How malware authors use obfuscation to hide strings, functions, payloads, and command-and-control communication.
The concept of “raising the bar” for analysts by increasing the time and effort required to understand malicious intent.
Legitimate uses of obfuscation for protecting intellectual property in commercial software.
Obfuscation Across Programming Architectures:
The differences between native code (C, C++, Assembly) and interpreted or managed code (Java, .NET, Python).
Why native binaries are harder to analyze due to reliance on disassembly rather than source-like output.
How interpreted code can often be decompiled into structures that closely resemble the original source, making it generally easier to reverse.
Common Obfuscation Techniques:
Using meaningless variable and function names to disrupt manual analysis and signature-based detection.
Injecting junk code that adds complexity without affecting functionality.
Hiding indicators through string encoding or encryption that only resolves at runtime.
Manipulating control flow with misleading jumps and unreachable branches to confuse analysis tools.
Skills, Environments, and Tools for Deobfuscation:
The importance of understanding Assembly language, the Windows API, and the Portable Executable (PE) format.
Setting up safe analysis environments using Windows and Linux virtual machines, including REMnux.
Leveraging industry-standard tools such as IDA Pro, Ghidra, dnSpy, JD-GUI, and debuggers for static and dynamic analysis.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
15min
January 24, 2026Course 19 - Ultimate Rust Crash Course | Episode 5: Rust Concurrency Fundamentals: Closures, Threads, and Channel Communication
In this lesson, you’ll learn about:
Functional Programming with Closures:
Defining closures as anonymous functions that capture values from their surrounding scope.
Using closures with iterator methods like map, filter, and fold to transform data.
The difference between borrowing closures and move closures, and why move semantics are required for safe multi-threaded execution.
Multi-threaded Execution in Rust:
Spawning threads with thread::spawn and running closures as thread entry points.
Using join handles to wait for thread completion and handle potential panics.
Understanding performance trade-offs between OS threads and asynchronous models, and when to prefer threads versus async/await.
Inter-thread Communication with Channels:
Coordinating work between threads using message-passing channels.
Working with transmitters (TX) and receivers (RX), including cloning senders for multi-producer setups.
Leveraging high-performance channel implementations to support multiple receivers.
Synchronization and Program Lifecycle Management:
How thread scheduling and sleep timing affect execution order.
Ensuring clean shutdowns by closing channel senders and properly joining all threads.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
15min
January 23, 2026Course 19 - Ultimate Rust Crash Course | Episode 4: Rust Foundations: Structs, Traits, Collections
In this lesson, you’ll learn about:
Data Organization with Structs and Traits:
Using structs to group data fields, methods, and associated functions.
Defining shared behavior with traits instead of inheritance.
Writing generic functions that operate on any type implementing a required trait.
Using default trait implementations to share common behavior without repetitive code.
Managing Data with Standard Collections:
Vectors (Vec): Dynamic lists or stacks for storing items of the same type.
HashMaps: Key–value storage with efficient lookup and removal.
Specialized collections: VecDeque for double-ended queues, HashSet for set operations, and BTree collections for sorted data.
Advanced Logic with Enums and Pattern Matching:
Using enums as powerful data types that can hold different kinds of associated data.
Enforcing safety through exhaustive pattern matching with match and if let.
Core language enums:
Option for representing optional values without nulls.
Result for explicit and robust error handling.
Practical Application and Exercises:
Implementing state changes in structs using traits and methods.
Building simulations that combine enums, collections, and pattern matching.
Iterating over collections to calculate results based on enum variants.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
17min
January 22, 2026Course 19 - Ultimate Rust Crash Course | Episode 3: Rust Fundamentals: Mastering Ownership, References, and Borrowing
In this lesson, you’ll learn about:
Ownership and Memory Management in Rust:
How Rust guarantees memory safety without a garbage collector.
The difference between stack and heap memory and how data lifecycles are managed.
The Mechanics of Ownership:
Rust’s three core ownership rules:
Every value has a single owner.
Only one owner exists at a time.
Values are dropped immediately when the owner goes out of scope.
The distinction between moving values (invalidating the original variable) and cloning values (performing a deep copy).
References and Borrowing:
Using references to access data without transferring ownership.
The role of lifetimes in ensuring references always point to valid data.
The borrowing rules: either one mutable reference or multiple immutable references, but never both at the same time.
How the dot operator automatically dereferences values for method access.
Practical Application (Exercise E):
Inspecting: Reading data using an immutable reference (&String).
Changing: Modifying data through a mutable reference (&mut String).
Eating: Passing ownership to a function, consuming the value and making it unavailable afterward.
Why These Rules Matter:
Preventing segmentation faults, data races, and dangling pointers.
Writing safer, more reliable code despite initial compiler challenges.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
11min
January 21, 2026Course 19 - Ultimate Rust Crash Course | Episode 2: Rust Core Foundations: Data Types, Control Flow, and String Handling
In this lesson, you’ll learn about:
Core Data Representations in Rust:
Scalar types: integers (signed i and unsigned u), floating-point types (f32, f64), booleans, and Unicode char values.
Compound types: tuples (accessed via indexing or destructuring) and fixed-size arrays stored on the stack, along with their practical limits.
Project Organization and Reusability:
Moving logic into a library file (lib.rs).
Exposing functions with the pub keyword and importing them using use statements.
Control Flow and Program Logic:
Using if as an expression that returns a value, replacing traditional ternary operators.
Working with loops: loop (including labeled breaks), while, and for.
Iterating with ranges, both exclusive (0..50) and inclusive (0..=50).
Understanding Rust Strings:
Differences between borrowed string slices (&str) and owned, heap-allocated String types.
Why UTF-8 encoding prevents direct character indexing.
Safely accessing string data using iterators like .bytes(), .chars(), and .nth().
Practical Application:
Processing command-line arguments as vectors of strings.
Applying loops and conditional logic to perform numeric operations such as summing ranges or repeatedly modifying values until a condition is met.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
13min
January 20, 2026Course 19 - Ultimate Rust Crash Course | Episode 1: Rust Programming Foundations: From Cargo Tooling to Core Syntax and Modules
In this lesson, you’ll learn about:
The Rust Ecosystem and Tooling:
Using Cargo as Rust’s package manager, build system, and documentation tool.
Creating projects with cargo new, managing dependencies in Cargo.toml, and running code with cargo run.
Understanding the difference between debug builds and optimized release builds.
Variables and Constants:
Declaring variables with let in a strongly typed language with type inference.
Rust’s default immutability model and using mut for mutable values.
Defining constants (const) with explicit types and compile-time evaluation.
Scope and Shadowing:
How variables are scoped to blocks and automatically dropped when out of scope.
Using shadowing to redefine variables, including changing their type or mutability.
Memory Safety Guarantees:
Rust’s compile-time enforcement of memory safety.
Prevention of uninitialized variable usage and undefined behavior without relying on a garbage collector.
Functions and Macros:
Defining functions with fn and snake_case naming conventions.
Returning values using tail expressions without a semicolon.
Distinguishing between functions and macros (e.g., println!).
The Module System and Code Organization:
Structuring projects with main.rs for binaries and lib.rs for libraries.
Managing visibility with private-by-default items and the pub keyword.
Bringing items into scope with use and integrating external crates.
Hands-On Practice:
Reinforcing concepts through guided exercises, including building a command-line program and writing functions to calculate geometric areas and volumes.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
...more
14min

FAQs about CyberCode Academy:

How many episodes does CyberCode Academy have?

The podcast currently has 212 episodes available.