Help trying to learn about malicious stuff

It's genuenly difficult to detect malicious stuff. It's hidden within a code that seems normal from a front end view, but the backend, it's a keylogger or .sol stealer etc. You would have to be very good in coding to find such stuff. People who literally don't attempt to hide the keylogger, anyone can find that within minutes. I suggest learning C+(The language I'm currently learning) since I see much of the stealing software coded in that. Others may have some different or rather better imput.

Here is my input:

Most all malicious files you will encounter in an environment like this will be very obvious. People will download anything sight unseen without a second thought. You can protect yourself by not being dumb in most cases. If you download a file that is an swf client and the extension is .exe or nonexistent might want to give it a second look..

What instance? Oh I guess you mean the three times in the last year, despite having minions, people have posted these kinds of things on MPGH and gotten them approved?

In the last year the only people I've seen around here complaining about getting hacked are people who fell victim to malicious shit on MPGH. And yet this site continues to sticky the source code to a MD smtp client to the front page.

Genius. Really, really looking forward to the day one of the minions fucks up again and someone uses that to post it here. Some .exe based file just got approved yesterday without actually being decompiled until @krazyshank did it.

The sillyness here is confounding sometimes.

if the extenion is exe? Yeah, no offense bro but you can spoof extensions and make the file so it looks like a jpg or smg else (i mean EVEN if extensions are shown)
Windows Explorer always see it as an "Application", it works as intended but the extension seen is jpg. Your just have to put a special character ...

To answer OP : When the target uses an interpreted langage , there are software you can use to display it as source code (its only interpretations of the bytecode btw) : SAE or Reflector for .Net Programs, jdgui for Java stuff.

When the target is an Autoit shit, there are also decompilers.

Otherwise, for most of the targets (non .NET) i would say.... IDA for static analysis or any ring0 debugger (take ring0 as "no driver needed") but.... you will deal with ASM instructions, and will be lost. For sure !
@IAmDM : C++ ? Since he wants to analyze binaries without their source i dont think its relevant. Having basic programming knowledge may be needed, for sure, but definitly not a specific langage. For dealing with malwares, ASM and C#, thats all he need.

apf11 is flash projector, updater well... updates the SWF. "Wbclient" does the job.

I think this forum is about rotmg and not RE so you should try anywhere else.
There are plenty of good information sources on the internet about this subject, you just have to avoid many, many kiddies website/forums or HackFagRum.

If you want to reverse programs, try Woodmann .do*****m for it has archived a copy from the old +Fravia Website

Sorry that's not what I meant by my comment at all. @cehrenr I didn't mean to single you out.

I just meant that although you can create fancy file extension covers and such most people will download it anyways so there no point for the extra effort. I just meant as a rule of thumb if you are looking for a .swf and it's a .exe or no file extension scan it.

P.S. I wish people would stop complaining and bringing that up again. I don't understand all the hate towards WB. We should give it a rest