Certification Programmes

MCSI Certification

MCD - Certified Code Deobfuscation Specialist

Individuals who have successfully achieved their MCD Certification can defeat code-level obfuscation techniques employed by APTs such as Control Flow Flattening, Opaque Predicates, and Virtual Machines.

This Certification is aimed at malware analysts that want to develop code deobfuscation capabilities to join advanced reverse engineering teams.

Register Now
Intermediate Level MCSI Certification Advanced
ic-certificate Certification
ic-clock 600+ hours
cpe-points 231
ic-money US$450
No Expiry, No Renewals

Overview

MCSI Certifications are world-class. The content is cutting-edge, uniquely-designed, hands-on and challenging. Our exercises teach in-demand skills that are immediately applicable in the field. MCSI's unique approach helps students around the world advance their careers.

This Certification has no expiry date. It has no renewal fees, no hidden fees, and is accessible with no time limits.

MCSI Certified Code Deobfuscation Specialist:

  • Defeat code-level obfuscation techniques to recover the original high-level code
  • Recover protected data such as IP addresses, domain names, keys and other strings
  • Recover the original malware architecture prior to its obfuscated state
  • Produce high-fidelity descriptions of what protected software code does

This Certification focuses 100% on teaching code deobfuscation techniques employed by Advanced Persistent Threats (APTs).

Curriculum

Training Modules

  • Lab Setup - 3 exercises
  • Key Concepts - 3 exercises
  • Ghidra Fundamentals - 9 exercises
  • Code Obfuscation Fundamental Techniques - 13 exercises
  • Basic Virtual Machine Protection Techniques - 4 exercises
  • Intermediate Code Obfuscation Techniques - 12 exercises
  • Intermediate Virtual Machine Protection Techniques - 8 exercises
  • Automated Binary Analysis - 5 exercises
  • Automated Code Deobfuscation Techniques - 4 exercises

Scenarios

  • Basic Code Deobfuscation Challenges - 8 exercises
  • Intermediate Code Deobfuscation Challenges (Part 1) - 7 exercises
  • Intermediate Code Deobfuscation Challenges (Part 2) - 6 exercises
  • Breaking APT Malware Samples - 7 exercises
  • Breaking Advanced Binary Protections - 4 exercises

Sample Exercises

Below are three (3) exercises from the 90+ exercises available in MCD - Certified Code Deobfuscation:

Write A Program In Assembly That Decrypts Part Of Itself Using A Simple XOR Decryption Loop (Novice)

exercise


Write A Ghidra Plugin To Identify Duplicate Code Blocks (Advanced Beginner)

exercise


Professionally Document A Reverse Engineering Project In Ghidra (Competent)

exercise

Enrolment and Fees

Fees

US$450 (+ GST if you're based in Australia).

Practical exercises must be completed online using MCSI's Online Learning Platform.

How to enrol

  1. Login/Register for MCSI's Online Learning Platform
  2. Select `Shop` from the left-side menu
  3. Find the MCD - Certified Code Deobfuscation Specialist, select `Buy` and proceed through the checkout process. You can purchase using a Credit Card or PayPal
  4. Once you have enrolled in the MCD - Certified Code Deobfuscation Specialist, the curriculum unlocks immediately
  5. In the left-side menu of the platform, select `Training & Education` then `MCSI Curriculums`, and you will see the MCD - Certified Code Deobfuscation Specialist listed

Terms and Conditions

  • No discounts
  • No refunds
  • No transfers
  • No renewal fees
  • No hidden fees
  • No time limits
Register Now

Requirements

Proficiency in the English language

Ability to comfortably read and understand IT documentation written in English. Ideally, an IELTS score of 6.5 with no band less than 6 (or equivalent).

Note: You can register for this course without having undertaken an English test.

Prerequisite Knowledge

This is an advanced malware analysis and reverse engineering course.

We recommend that you have at least two (2) years of professional experience working as a Malware Analyst prior to registering for this certification.

Examples of key skills that you should have mastered:

  • Experience reading and understanding the Assembly language
  • Ability to write programs in Python and C
  • Ability to manually decompile Assembly back to C code
  • Knowledge of common malware techniques

How can I acquire these pre-requisite skills if I don't have them?

Consider the following certification training: MRE - Certified Reverse Engineer

Frequently Asked Questions

What is the MCSI Method™?

Common Questions

  • Are solutions included in certifications and bundles?
    • No. Our method of teaching cyber security consists of challenging you with real-world problem statements that you're expected to research and solve by doing your own research. This is how you'll be expected to work in the field. When you fail an exercise, we provide you with constructive feedback to improve and try again.
  • Do the videos provides the answers to exercises?
    • No. The videos teach concepts, mindset, methodologies, procedures and professional skills such as report writing, interviewing and preparing proposals.
  • Do bundles or certificates ever expire? Am I expected to buy again in the future?
    • Once purchased, bundles and certificates are unlocked forever. They are no recurring or ongoing fees.
  • Do you offer any special offers and discounts?
    • No.
  • If I can't solve the exercise where do I go for help?
  • Who reviews and marks exercises?
    • Trained cyber security instructors that work for Mossé Cyber Security Institute.
  • We can't pay via credit card. Can you raise an invoice for international wire payment instead?
    • Yes. Send us the list of bundles and certifications you want to purchase at [email protected]
  • Can I access a trial/demo the certification programmes prior to enrolling?
    • We provide a free curriculum with 82 practical exercises you can try.
    • The Free Curriculum teaches Security Tools, Penetration Testing, Red Teaming, Threat Hunting, Cyber Defence, GRC and Windows Internals.
    • Try the Free Curriculum
  • What is an `Unofficial Curriculum`?
    • An `Unofficial Curriculum` contains MCSI's practical exercises aligned to a non-MCSI Industry Certification syllabus.
    • We offer unofficial curriculums for the OSCP, ISACA CISA, ISACA CISM, ISACA CRISC, CCT ICE, CCSAS, CCT ACE.
  • Do you provide Continuing Professional Education (CPE) credits?
    • Yes. Every single exercise offers CPE credits. The number of credits earned depends on the difficulty of the exercise completed. Below are the CPE Credits achieve for an exercise in each difficulty:
    • Novice exercises = 1 CPE credits
    • Advanced Beginner exercises = 2 CPE credits
    • Competent exercises = 5 CPE credits
    • Proficient exercises= 8 CPE credits
    • Beyond Proficient exercises = 16 CPE credits
  • Are MCSI courses/certifications recognized and have value outside of Australia?
    • Yes. MCSI certifications have value worldwide and are recognized by employers looking for individuals with practical cyber security skills.
    • MCSI's training is 100% practical with real cybersecurity problems designed to teach immediately applicable skills in the field. To solve our practical exercises, students must do their own research and develop their own solutions.
    • While completing exercises, students also develop their own comprehensive cybersecurity portfolio of skills. Individuals use this portfolio to demonstrate their cybersecurity competencies to solve real industry problems to future employers or hiring managers.
  • Do I need to complete an exam to receive MCSI Certification?
    • No. MCSI Certifications are completed by solving practical cybersecurity exercises.

Career Outcomes

This certification successfully prepares you for the following role:

  • Senior Malware Analyst
Certification Detail

Training Curriculum and Certifications

Students unlock Certificates of Completion for every exercise they complete. Industry Certifications are unlocked upon achieving Skills Proficiency Milestones.

1
ic-step-1

Student

2
ic-step-2

Obtain CPE points by solving exercises

3
ic-step-3

Achieve multiple certifications

4
ic-step-4

Receive help from instructors online

MCSI's MCD certification covers all six levels of the Australian Signals Directorate's Cyber Skills Framework. You will achieve a certificate upon reaching each level. You will earn an industry certification at Level 5. Click here to learn more.

ASD Skills Proficiency Level Curriculum Completion Requirement Scenarios Completion Requirement
MCSI Code Deobfuscation Learner Level 1 0% 0%
MCSI Novice Code Deobfuscation Practitioner Level 2 20% 0%
MCSI Code Deobfuscation Practitioner Level 3 50% 25%
MCSI Senior Code Deobfuscation Practitioner Level 4 70% 50%
MCSI Certified Principal Code Deobfuscation Practitioner Level 5 80% 75%
MCSI Certified Expert Code Deobfuscation Specialist Practitioner Level 6 95% 100%

As an MCSI Certified Code Deobfuscation Specialist you will be fully capable of performing the following:

  • Apply and remove the following obfuscation techniques
    • Control Flow Flattening
    • Dead Code
    • Disaligned Branches
    • Function argument randomisation
    • Garbage Insertion
    • Instruction Substitution
    • Merging and Splitting Functions
    • Mixed Boolean Arithmetics
    • Opaque Predicates
    • Split and Merge Variables
    • Virtual Machine Hardening
    • Virtualisation Obfuscation
  • Develop automated solutions for program analysis
    • Writing custom disassemblers to recover virtualised instructions
    • Developing Ghidra extensions to identify and remove code protections
    • Patching and rewriting binaries
    • Tracing instructions
    • Decrypting and decoding protected data
  • Produce high-fidelity descriptions of obfuscated executable code
  • Recover indicators of compromise protected with encryption and/or encoding
  • Deobfuscate and recover protected code that can later be recompiled into a clean state

Why MCSI’s Code Deobfuscation Certification is World Class

why MCSI certifications

Comprehensive, Effective, Exceeds Standards

Holders of the MCD Certification have completed 100 practical online exercises thus demonstrating that they have the skills and knowledge in the following areas: code protection analysis, code deobfuscation, program analysis, and program decompilation.

why MCSI certifications

Manual Analysis

Students who have obtained this Certification have demonstrated that they have a full understanding of code protection techniques because they have first implemented and defeated them by hand and then developed automated solutions to deal with real-life APT samples.

why MCSI certifications

APT Level

Students who have obtained MCD have demonstrated that they can deobfuscate APT malware samples protected with techniques such as Control Flow Flattening, Opaque Predicates and Virtualisation.

DO YOU HAVE A QUESTION?

We'll respond within 24 hours

Visit our Frequently Asked Questions (FAQ) page for answers to the most common questions we receive.

Ready to learn hands-on cyber security skills online?

Register Now