reverse engineering


Course Description

Every computer incident involves a Trojan, backdoor, virus, or rootkit. Incident responders must be able to perform rapid analysis on the malware encountered in an effort to cure current infections and prevent future ones.

During malware analysis, the analyst must determine how the malware operates, what functionality is built in, and which attacker-controlled domains or Internet Protocol (IP) addresses it communicates with. Failing to understand the malware's functionality threatens all remediation efforts. This course provides a quick introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems, using a practical, hands-on approach. Students will learn how to extract host- and network-based indicators from a malicious program using dynamic and static analysis techniques. Candidates will also learn the basics of how to find the functionality of a program by analyzing its disassembly and by watching how it modifies a system as it runs in a debugger.

Target Audience

The Malware Analysis training course will significantly benefit information technology and security staff, corporate investigators, and others who require an understanding of how malware functions and the processes involved in malware analysis.

Prior to enrolling in our authorized malware analyst course, candidates must have basic knowledge of:

  • Computer and Operating System fundamentals
  • Exposure to software development
  • Experience in Assembly and C programming languages

Those who have successfully completed this training have pursued careers as malware analysts or in the field of reverse engineering.

Course Duration

  • 24 Hours

Course Key Highlights

  • Employ network and system-monitoring tools to examine how malware interacts with the file system, the registry, the network and other processes in a Windows environment.
  • Uncover and analyse malicious VBScript components of web pages, which are often used by exploit kits for drive-by attacks.
  • Control relevant aspects of the malicious program's behaviour through network traffic interception and code patching to perform effective malware analysis.
  • Use a disassembler and a debugger to examine the inner workings of malicious Windows executables.
  • Bypass a variety of packers and other defensive mechanisms, designed by malware authors to misdirect, confuse and otherwise slow down the analyst.
  • Recognize and understand common assembly-level patterns in malicious code, such as DLL injection and anti-analysis measures.

Course Content

  • Introduction to Reverse Engineering
  • Windows Architecture
  • Assembly Language Fundamentals
  • Windows PE Format Analysis
  • Application Cracking
  • Tools for Reverse Engineering
  • Reversing Technique of VB Applications
  • Reversing Technique of DotNet Applications
  • World of Malware
  • Malware Analysis Lab Setup
  • Basic Static Analysis of Malware
  • Basic Dynamic Analysis of Malware
  • Advanced Malware Analysis