Syllabus Training Reverse Engineering
Overview
Reverse engineering and malware analysis are important skills for today’s expert security professional.
Everything from dissecting malware to discovering vulnerabilities in binaries is required in order to
properly secure an organization from today’s ever-evolving threats.
This 5-day course teaches reverse engineering from the beginning, including binary analysis of
Windows and Linux executable files. You will learn how to recognize the high-level language
constructs (such as branching statements, looping functions and network socket code) critical to
performing a thorough and professional reverse engineering analysis of a binary. After covering these
important introductory skills, the course digs deeper into the malware analysis process and
teaches you to perform static and dynamic malware analysis.
Who should attend?
• Reverse Engineer
• Malware Analyst
• IT Security Engineer
• Digital Forensic and Incident Responder Team
• IT Security Professional
What will I learn?
• Understand the key concepts of reverse engineering
• Perform Reverse Engineering on Windows and Linux Executables
• Set Up a Safe Lab Environment for Reverse Engineering Analysis
• Perform Static and Dynamic Analysis
• Dump & Reconstruct Packed Application
• Trace and Modify Application
Digitally signed by Satria Ady Pradana
DN: C=ID, OU=Training, O=Reversing.ID, CN=Satria Ady Pradana, E=xathrya@reversing.id
Reason: Signed
Date: 2019-05-22 16:51:19
Module I – Introductions
• Introduction to Reverse Engineering
• Modern Computing Architecture
▪ x86 and ARM
▪ Operating System
Module II - Basic Identification
• Introduction to Native and Interpreted Code
• Structured and Unstructured Data
• Executable File Format
▪ Portable Executable (PE)
▪ Executable and Linking Format (ELF)
• Format Identification & Analysis
▪ Compiler, Runtime, Characteristics Identification
▪ String Extraction and Analysis
▪ File Format Analysis
Module III - Basic Program Flow
• Introduction to Programming
• Basic C programming
▪ Branching
▪ Loop
▪ Functions
• Basic Assembly Programming
▪ Opcodes and Assembly Languages
▪ Arithmetic and Logic Commands
▪ Memory Access & Segmentations
• Mapping from C to Assembly
Module IV - Static Analysis (x86)
• Introduction to Static Analysis
• Disassembly & Decompilation
• Graph and Control Flow
• Structure Identification
• Signature Modification
• API Identification
Module V – Dynamic Analysis (x86)
• Debugging
▪ Introduction to Debugger
▪ Debugging Control (Breakpoint, Steps, Trace)
▪ Control Flow Modification
• Dynamic Binary Instrumentation
• Code Emulation
• Traffic Analysis
Module VI – Binary Alteration (x86)
• Code Patching
• Code Injection
• Code Cave
• Application Unpacking
▪ Binary Dumping
▪ Import Reconstruction
Module VII - Code Protection (x86)
• Anti-Disassembly
• Anti-Debugging
• Code Encryption & Dynamic Load
• Code Virtualization
