Firmware Reverse Engineering with Ghidra

Learn reverse engineering using Ghidra by looking at firmware in ARM, MIPS and other architectures.

Training starting at

$1,800.00

with one of our subscriptions

Language

English

As a free and open-source reverse engineering tool including a decompiler for many architectures, Ghidra has become a prevalent tool in the computer industry. In this training you will learn how to use Ghidra from reversing simple executable to being able to look at a full embedded firmware. After following this training, you will be able to use Ghidra as your main reverse engineering tool.

What will you learn ?

  • Using Ghidra disassembler and decompiler
  • Introduction to ARM architecture
  • Reversing ELF files for different architectures
  • Reversing Thumb and ARM32 mode with Ghidra
  • Improving decompiler output with types and structures
  • Reversing C++ binary
  • Using Ghidra for signatures & libraries
  • Extending Ghidra by writing your own scripts
  • Identifying an unknown firmware architecture
  • Common code patterns present in RTOS and bare-metal firmware
  • Loading and analyzing bare-metal firmware

Day 1

This first day is all about learning how to make reverse engineering with Ghidra.

We will first make an introduction for Ghidra and see how it can be used for reversing small challenges. The ARM architecture and its particularity will be explained and you will be challenged to do small crack-me.

Then we will practice with more advanced functionalities of Ghidra: how to support structures and to handle C++ binaries. We will then use Ghidra functionalities for handling libraries and creating function signatures.

At the end of this first day, you will be able to tackle basic reverse engineering tasks.

Day 2

The second day is focus on reverse engineering real firmware and using advanced Ghidra functionalities for making it easier.

We will study real firmware during this day, and in particular see how to handle bare-metal firmware where the common Unix format is not present.

An important focus will be on the different architectures which are common in embedded software. We will see the differences with ARM, how we can handle them as well as how it will be possible to identify the architectures in case where it is unknown.

We will also look at the different ways we can enhance Ghidra and automate tasks by using the scripts provided with Ghidra and how to write our own.

At the end of this training, you will be able to use Ghidra efficiently for reverse engineering firmware of embedded devices.

Requirements

  • Good understanding of the C language, especially pointers
  • Basic assembly skills (No matter which architecture)
  • A computer which can run VMWare, our VM has everything preinstalled.
Training by Bruno Pujos

Bruno is a security researcher specialized in low-level software RE. He is best known for the vulnerabilities he discovered in UEFI firmware and virtualization software.

Feedback by @azflagbestflag

07 May 2020

Absolutely fantastic crash course on embedded RE, I enjoyed every minute.

Feedback by

Steven

07 May 2020

I tried to learn reverse engineering a few times on my own and didn't get very far. During this course I was actually able to start reading binaries and even understand the "framework" for reverse engineering (SVD loader, Function IDs, etc). Very easy recommend.

Feedback by

Marius

06 May 2020

The course was great to get an insight into reverse engineering of firmware. The trainer also showed us many procedures and tools that can significantly reduce the workload for such tasks.

Feedback by

Thomas

13 May 2020

The Firmware reversing with Ghidra was pretty awesome and the trainer is very knowledgeable, thorough and pedagogic. Being a former IDA Pro user I found this training a great kick-start into using Ghidra and embedded reversing. The training was filled with both the big picture as well as a great number of those nice little nice to know and sometimes hard to find tools and details about things, how to avoid common pitfalls and such. I also found the concept of a virtual classroom working really well. I think this is a great concept, even in the future as well if you're not able to travel. And as a sherry on the top, we got to keep the recordings, a real neat bonus!

Can't attend? All of our trainings are also available as a private classes for your company.

Access all of our classes and profesionally edited recordings.
All of our courses are also available as private trainings.
Courses are offered multiple times in different timezones.