Hands-On Introduction to Reverse Engineering

Learn Reverse-Engineering software and firmware by solving challenges and studying real-world cases.

Training starting at

$1,800.00

with one of our subscriptions

Language

English

Hands-On Introduction to Reverse Engineering

Learn Reverse-Engineering software and firmware by solving challenges and studying real-world cases.

Reverse engineering software is the practice of understanding the code of a closed source program. These techniques have been used for years for everything ranging from "cracking" protections to understanding malware, as well as for finding vulnerabilities in widely used programs.

Who should take this Class

This training is ideally suited for software engineers and security engineers that are new to reverse engineering. No prior knowledge is required, and this course will introduce many of the concepts and algorithms used by common reverse engineering and binary analysis tools. Additionally, this class will utilize several "Capture The Flag" (CTF) challenges that are relevant for all experience levels. The challenges will include several real-world examples and problems, including reversing malware samples, making binary diffs of software patches, etc.

The primary goal of this class is to introduce reverse engineering concepts and, more specifically, malware reverse engineering and how to apply these techniques for finding vulnerabilities in a program. Tools such as IDA Pro and the Ghidra open-source reverse engineering framework will be discussed, presented, and utilized as a part of this class. Participants can use either tool for solving challenges and the advantages and disadvantages of both tools will be presented. The most common reverse engineering pitfalls will also be covered and how to overcome them. At the end of this, participants will be able to reverse engineer a program and have a methodology for reaching the goal efficiently.

Topics Covered during this Course

  • Methodology for reverse engineering.
  • Reverse Engineering bytecode and Android applications.
  • x86 assembly and basic architecture.
  • IDA Pro and Ghidra interface and tools.
  • Debuggers and decompilers for reverse engineering.
  • Handling obfuscation and how to deobfuscate a program.
  • Using APIs for automation.
  • Introduction to symbolic analysis.
  • Reversing engineering malware.
  • Binary diffing.
  • Reversing for vulnerability research.

Course Outline

  • Reverse Engineering basics

    • Goals and problematic of Reverse Engineering
    • Reversing bytecode and Android applications
    • Reading x86 assembly
    • Debugging and using trace for reversing
    • Using a decompiler and understanding its limitations
    • Creating structures and following control flows
    • Practice: solving simple CTF exercises
  • Reverse Engineering malware

    • Goal and methodology for reversing a malware
    • Dealing with obfuscation
    • Performing automation of common tasks with API and frameworks (IDAPython, Ghidra)
    • Practice: reversing a malware
  • Reverse Engineering for vulnerability research

    • Goal and methodology when searching for a vulnerability.
    • Using binary diffing for finding one-days.
    • Introduction to symbolic analysis (Z3, Triton)
    • Practice: analysis of a patch and development of a Proof-Of-Concept (POC)

Prerequisites and Requirements

  • A basic programming background, ideally in C or C++, as well as Python.
  • Some familiarity with system architecture or assembly would be beneficial but not required.

Requirements

  • A licensed version of IDA Pro with the possibility of running scripts or Ghidra.
  • An x86-64 machine with root (administrator) access
  • A PC or Mac with virtualization instructions enabled, capable of running VMware or Virtualbox is encouraged, but not strictly required.
Training by Bruno Pujos

Bruno is a security researcher specialized in low-level software RE. He is best known for the vulnerabilities he discovered in UEFI firmware and virtualization software.

Can't attend? All of our trainings are also available as a private classes for your company.

Access all of our classes and profesionally edited recordings.
All of our courses are also available as private trainings.
Courses are offered multiple times in different timezones.