Software Reverse Engineering and Security Analysis
This 3-day course offers a broad and deep examination of the fundamental techniques of software reverse engineering used by attackers and security researchers alike. Students gain a practical foundation for all areas of software security research, including forensics, penetration testing, vulnerability research, exploit development, and malware analysis. The course covers general concepts and techniques that apply to the full spectrum of computing targets, from bare-metal and RTOS-powered embedded systems to mobile and desktop systems running Android, Windows, Linux and MacOS.
Attendees will gain hands-on experience with state-of-the-art techniques and tools of the hacking trade through a series of lab exercises that reinforce the content of the lecture material. The exercise incorporate several popular instruction sets, including x86, MIPS, PowerPC, and ARM. Students will learn how to use IDA Pro to reverse binaries, and each student will take home their own licensed copy of IDA Pro! Each student will also take home a Trezor cryptocurrency hardware wallet that will be used in several student exercises throughout the course. Together these alone have a retail value of nearly $1,000.
Attendees should be experienced with the C and/or C++ programming languages and should have some prior exposure to assembly language.
Each student will need to provide their own laptop and must have administrator access. Some of the lab exercises will be performed in a VM, and the students should install VirtualBox on their system before arriving for the first day of class.
Download the course syllabus here.