Applied Reverse Engineering

This course combines deep understanding of reverse engineering with rapid triage techniques to provide students with a broad capability to analyze malicious artifacts uncovered during incident response. By tailoring the instruction to rapid assessment of binaries, we equip students with the skills required to keep up with modern malware and rapidly extract the data most valuable and pertinent to their investigations, including Indicators of Compromise (IOCs). Rapid RE includes considerable lab time utilizing replicated enterprise networks and attacks as observed in the wild. Students will leave with an understanding of:
  • How real-world attacks are carried out
  • File triage processes and techniques
  • Intelligence extraction techniques from malware
  • How to deal with binary obfuscation techniques
  • How to get indicators from a file in a hurry

Students will spend a significant amount of time creating their own custom tools in a lab environment. The labs are designed around the students working through the following:
  • Recognizing file format infections from various sources
  • Advanced triage capabilities
  • Extracting host and network indicators from file format exploits
  • Developing your own custom process trace capabilities for IOC extraction
  • Rapid shellcode analysis using less common tools and techniques
  • Rapid binary de-obfuscation techniques with IDA Pro and debuggers
  • Rapid unpacking techniques

The labs will be interwoven into the lecture so that students spend a significant amount of time exercising these new skills as they learn. By the end of the class, students will have spent 50% of the time in a lab environment. A significant portion of the class will be dedicated to building new tools, on the fly, to solve the challenges posed by a difficult adversary.

Trainer:

This course is taught by Mossé Security’s experienced instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services for a multitude of industries that have involved complex and multi-faceted approaches. Our instructors each have a balance of corporate experience and are skilled in presenting and teaching to groups.

Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.
