Reverse Engineering for Malware Analysts

Course material is customized to our clients. This offering, Reverse Engineering for Malware Analysts, is available over four days. All course material is delivered on-site by our expert instructors.

We’ll take your malware reverse engineering skills to the next level. This four-day module provides a toolbox for tackling the advanced techniques that malware uses to hide or obscure its functionality. Students will dive deep into Binary Ninja’s Python API to automate most common analysis tasks, and extend Binary Ninja’s built-in functionality with plugins. By the end of the course, analysts will be writing plugins that detect and deobfuscate strings and control flow to make sense of a binary’s functionality, as well as scripting detection routines to identify malicious behavior for batch processing. Exercises include:

Requirements

Knowledge & Experience

Students must have experience with Python and C; students without this experience will not be successful. C++ experience is useful, but not required.

Students should also have at least a foundational knowledge of an assembly language, as well as reverse engineering concepts.

Equipment

Students should bring a laptop that meets the following requirements:

Sample Syllabus

Day 1

Day 2

Day 3

Day 4