ENO Institute is privileged to have been part of many ground-breaking technology projects worldwide for 25+ years. We’ve learned a lot, and we’re pleased to share what we’ve learned with you via our knowledge programs.

OUR CONTACTS


Saint Charles Ct Stafford, Virginia 22556

(+1) 540 720 9660 (+1) 888 742 3214

Seminars

Let\'s Work Together

Reverse Engineering Malware Training Workshop

Start
October 7, 2024
End
October 11, 2024
Time
9:00 AM - 5:00 PM
Timezone
UTC+0
Address
VIRTUAL CLASS   View map
Phone
540-720-9660

$4,895.00

Reverse Engineering Malware Training Workshop

Guaranteed to Run Guaranteed to Run

Status

Schedule

09:00 - 09:15 WELCOMING AND INTRODUCTION

12:00 - 01:00 BREAK

05:00 - 05:00 CLOSED OF SESSION

Event Details

Reverse Engineering Malware Training Workshop

This Reverse Engineering Malware Training Workshop course introduces the concept of malware, how they function, their types, and how they are extensively used in Advanced Persistent attacks (APTs) to siphon off critical business information from an organization on regular basis. We start off with the concepts of Assembly language, PE Header, and disassembling v/s debugging with advanced debugging features. We also perform RE to analyze an application dissecting it to the level where malware code is present.

We provide practice malware lab setup consisting of virtual machines and a sandbox environment. We use debuggers such as IDA and Ollydbg, disassemblers, and various monitoring tools to perform analysis to track the movement of the malware across the virtual network. We will also delve deep into advanced techniques such as analyzing shellcodes, PowerShell malware, malicious documents, anti-virus evasion, and so on. Further, we take a peek at different anti-reversing, anti-emulation, and anti-debugging techniques used by advanced malware

Reverse Engineering Malware Training Workshop

Your Registration Includes
  • 5 days of Reverse Engineering Malware Training Workshop with an expert instructor
  • Reverse Engineering Malware Electronic Course Guide
  • Certificate of Completion
  • 100% Satisfaction Guarantee
RESOURCES
RELATED COURSES
AUDIENCE/TARGET GROUP:

The target audience for this Reverse Engineering Malware Training Workshop course:

  • Malware analysts
  • Security researchers
  • Professionals looking to gain a technical understanding of malware
  • Any individual looking forward to understanding Reverse Engineering and Malware Analysis
COURSE PREREQUISITES:

The knowledge and skills that a learner must have before attending this Reverse Engineering Malware Training Workshop course are:

  • Firm understanding of the Windows Operating System
  • Firm understanding of computer architecture concepts
  • Grasp of the TCP/IP protocols

Reverse Engineering Malware Training Workshop

COURSE SYLLABUS
DAY 1: INTRODUCTION TO MALWARE ANALYSIS AND REVERSE ENGINEERING

Day one focuses on the fundamental knowledge required for malware analysis and reverse engineering. This day is designed to build the critical skills required to proceed further into deeper discussions on reversing. You will also train on special-purpose reversing debuggers and disassemblers. Lab exercises will focus on the functionality of various reversing tools and basic static and dynamic analysis processes.

  • Basic static and dynamic analysis
  • Reverse engineering concepts and legality
  • Machine code
  • Assembly language
  • System- and code-level reversing
  • Assembly basics (registers, operands, instructions)
  • Fundamentals of reverse engineering tools (IDA Pro, Radare2)
  • Reverse Engineering Malware Training
DAY 2: STATIC AND DYNAMIC ANALYSIS

Day two encompasses a deep discussion with hands-on content for reversing Windows binaries. Key concepts include identifying code paths, and control functions, and developing a general understanding of the code to be analyzed. Debugging concepts are introduced and practiced in hands-on lab exercises.

  • Recognizing C Code constructs in assembly
  • Windows API
  • Windows Registry
  • Network APIs
  • DLLs
  • Processes, threads, and services
  • Debugging process (stepping, breakpoints, modifying execution)
  • Kernel debugging
  • Debugging tools
DAY 3: ANALYZING MALWARE FUNCTIONALITY AND BEHAVIOR

Day three includes detailed coverage of reverse engineering malware. The focus is on live malware reversing using examples of viruses, Trojans, and rootkits collected from the wild. Reverse Engineering Malware Training

  • Understanding common malware types and functionality
  • Process injection and replacement
  • DLL injection
  • Direct, hook, and APC injection and other malware launching techniques
  • Registry persistence
  • Svchost.exe
  • Trojanized system binaries
  • DLL load order hijacking
  • Malware network behavior analysis
  • Kernel mode rootkits (SSDT hooking, interrupts)
  • User mode rootkits
DAY 4: ANTI-REVERSING TECHNIQUES

Day four works with various anti-reversing techniques that software developers and malware writers put in place to make reverse engineering more difficult.

  • Basic anti-reversing strategies
  • Anti-disassembly
  • Detecting debuggers
  • Detecting VM presence
  • Analyzing packed executables
  • Popular packers (UPX, PECompact, ASPack, etc.)
  • Simple obfuscation techniques (XOR swap, junk code, etc.)
  • Obscuring through data flow and control flow
  • Constant unfolding
  • Deobfuscation tools
  • Base64 and other encoding schemes
  • Common ciphers and encoding schemes
  • Reversing ransomware
DAY 5: ADVANCED REVERSING TOPICS & CREA EXAM

Day five covers advanced reversing topics as well as the CREA exam. The day ends with you taking the CREA exam.

  • Recognizing C++ binaries
  • Identifying constructors and destructors
  • RTTI
  • 64-bit architecture
  • WoW64
  • 64-bit analysis
Reverse Engineering Malware Training WorkshopReverse Engineering Malware Training Workshop Recap, Q/A, and Evaluations

Reviews

There are no reviews yet.

Be the first to review “Reverse Engineering Malware Training Workshop”

Your email address will not be published. Required fields are marked *