
REVERSE ENGINEERING AND MALWARE ANALYSIS

Price:

€3960

Format:

Online / Offline

Duration:

4 days

Level:

Basic / Advanced


Trainer

Arnau Gàmez i Montolio

Arnau is a Catalan hacker, reverse engineer and mathematician, with an extensive background in code (de)obfuscation research and Mixed Boolean-Arithmetic expressions, as well as industry experience as a senior malware reverse engineer.
He's a founder of Fura Labs (@FuraLabs), a research & education firm on software security and reverse engineering as well as a co-founder and president of @HackingLliure, a non-profit association and hacking community.
Arnau is also a regular speaker and trainer at several international security conferences like HITB, RootedCON, RuhrSec, r2con, etc.

About the training

In today's digital landscape, the evolving threat of malware poses risks to individuals and organizations. Malware analysis is crucial for cybersecurity professionals to comprehend malicious software and develop countermeasures. Whether you're a beginner or an experienced analyst, these courses offer a comprehensive approach to understanding, analyzing, and mitigating malware's impact. They also cover reverse engineering, dissecting and understanding the code and functionality of malware. By equipping yourself with the necessary knowledge and skills gained from these courses, you will be better prepared to defend against the ever-evolving landscape of malware and contribute to the security of individuals and organizations in the digital realm.


Beginners guide
Learn how to set up a malware analysis lab environment using virtual machines and perform basic static and dynamic analysis in this course designed for complete beginners. Students will benefit from a comprehensive introduction to reverse engineering, focusing on the Windows platform and PE files. Equipped with this knowledge, we’ll analyze malware samples in more depth with an interactive disassembler, and jump into a debugger for a precise dynamic analysis of their execution flow.

Syllabus
• Introduction
• Set up a malware analysis lab
• Basic static analysis
• Basic dynamic analysis
• Introduction to x86/x64 reverse engineering
• Static analysis of Windows malware
• Debugging Windows malware
• Basic unpacking

Key takeaways
• Build a home malware analysis lab
• Extract information and indicators from malware samples
• Understand and analyze x86/x64 binaries with reverse engineering
• Perform static and dynamic analysis of Windows malware
• Unpack and decrypt malware so that it can be analyzed


Advanced guide
Once equipped with the skills and understanding covered in the beginner’s course, students are ready to deepen their knowledge of sophisticated malware analysis and tools. Learn advanced unpacking methods to face any unknown packer, how to extract and analyze shellcode, plus expert-level techniques to detect covert malware techniques including process injection, process hollowing, and more. Moving on to the analysis and debugging of Windows kernel driver rootkits, students will progress to malware obfuscation mechanisms, as well as common anti-reverse engineering techniques, ranging from anti-disassembly to anti-debugging and VM detection. To finish, students will learn how to address NoPE malware coming in the form of various script files, PowerShell, Office macros, etc.

Syllabus
• Advanced unpacking
• Shellcode analysis
• Covert malware
• Analysis of Windows kernel driver rootkits
• Malware obfuscation mechanisms
• Anti reverse engineering techniques: anti-disassembly, anti-debugging, anti-vm
• NoPE malware: Python, JavaScript, PowerShell, Office macros, AutoIt

Key takeaways
• Understand and analyze custom shellcode used by malware
• Detect and analyze covert malware techniques
• Analyze Windows kernel drivers
• Defeat malware obfuscation and anti reverse engineering techniques
• Explore NoPE distributed malware
