Earn your next certification, guaranteed!

Reverse Engineering Malware Training Boot Camp

Learn how to reverse engineer and analyze malware! Reverse engineering is a vitally important skill for today’s expert security professional. Keep your organization safe by digging into the viruses, Trojans and rootkits being used by cybercriminals.

Become a Certified Reverse Engineering Analyst, guaranteed!

Boot camp overview

Infosec’s hands-on Reverse Engineering Boot Camp teaches you the necessary analysis skills to discover the true nature of any Windows binary. You’ll learn how to recognize the high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of hostile code and malware, vulnerabilities in binaries, binary obfuscation schemes and more.

You will gain hands-on experience with popular commercial and open-source decompilers and debuggers, as well as learn how to use various hex editors, binary analysis programs and code coverage analyzers. The boot camp also prepares you to pass the Certified Reverse Engineering Analyst (CREA) exam.

Skill up and get certified, guaranteed

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

93% pass rate — the best in the industry

  • Five days of training with an expert reverse engineering instructor
  • Infosec proprietary digital courseware (physical textbooks available to purchase)
  • Certified Reverse Engineering Analyst (CREA) exam voucher
  • 90-day access to cyber range (Flex Pro)
  • 90-day access to course replays (Flex Pro)
  • Curated videos from other top-rated instructors (add-on)
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee (Flex Pro)

Hands-on labs

Learn the methodologies, tools, and manual reversing techniques used in real-world situations in our cloud-hosted reversing engineering lab. You’ll learn how to analyze:

  • Hostile code and malware, including ransomware, worms, viruses, Trojans, rootkits and bots
  • Vulnerabilities in binaries, including format string vulnerabilities, buffer overflow conditions and the identification of flawed cryptographic schemes
  • Binary obfuscation schemes used by hackers, Trojan writers and copy protection algorithms
  • Additionally, you will learn how to recognize the features of modern optimizing compilers and how to use various hex editors, binary analysis programs and code coverage analyzers

Award-winning training that you can trust

G2 Crowd High Performer

Technical Skills Development Software

Outstanding Partnership Award

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Who should attend?

  • Malware analysts
  • Security researchers
  • Professionals looking to gain a technical understanding of malware
  • Anyone looking to improve their malware analysis and reverse engineering skills

Prerequisites

  • Firm understanding of the Windows Operating System
  • Firm understanding of computer architecture concepts
  • Grasp of the TCP/IP protocols

If you are unsure if you meet the required prerequisites, contact us for a quick network security training skill check.

Why choose Infosec

Your flexible learning experience

Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.

Public training boot camps held nationwide

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Catered lunches
  • Infosec community forum access
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Most Popular

Immersive, live-streamed instruction

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Detailed performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Tailored team training at your location

  • Pre-study course materials
  • Live, customized instruction at your location
  • Digital courseware
  • Daily reinforcement materials
  • Detailed team performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Industry-leading exam pass rates

Infosec’s courseware materials are always up to date and synchronized with the latest CREA exam objectives. Our industry-leading curriculum and expert instructors have led to the highest pass rates in the industry. More than 93% of Infosec students pass their certification exams on their first attempt.

Learn from experts

We don’t just have great instructors, our instructors have years of industry experience and are recognized as experts. Over the past 15 years, we’ve helped tens of thousands of students get certified and advance their careers.

Can’t get away for a week?

Learn reverse engineering on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 300+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 40+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"The course not only met my expectations, but exceeded them. It was the most engaging online training I’ve ever had."

Val Vask

Commercial Technical Lead

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

FedEx
Microsoft
Bank of America
Defense Information Systems Agency
Symantec

Find your boot camp

Reverse Engineering Boot Camp details

Day 1: Introduction to malware analysis and reverse engineering
Day one focuses on the fundamental knowledge required for malware analysis and reverse engineering. This day is designed to build critical skills required to proceed further into deeper discussions on reversing. You will also train on special purpose reversing debuggers and disassemblers. Lab exercises will focus on functionality of various reversing tools and basic static and dynamic analysis process.

  • Basic static and dynamic analysis
  • Reverse engineering concepts and legality
  • Machine code
  • Assembly language
  • System- and code-level reversing
  • Assembly basics (registers, operands, instructions)
  • Fundamentals of reverse engineering tools (IDA Pro, Radare2)

Day 2: Static and dynamic analysis
Day two encompasses a deep discussion with hands-on content for reversing Windows binaries. Key concepts include identifying code paths, control functions and developing a general understanding of the code to be analyzed. Debugging concepts are introduced and practiced in hands-on lab exercises.

  • Recognizing C Code constructs in assembly
  • Windows API
  • Windows Registry
  • Network APIs
  • DLLs
  • Processes, threads and services
  • Debugging process (stepping, breakpoints, modifying execution)
  • Kernel debugging
  • Debugging tools

Day 3: Analyzing malware functionality and behavior
Day three includes detailed coverage on reverse engineering malware. Focus is on live malware reversing using examples of viruses, Trojans and rootkits collected from the wild.

  • Understanding common malware types and functionality
  • Process injection and replacement
  • DLL injection
  • Direct, hook and APC injection and other malware launching technique
  • Registry persistence
  • Svchost.exe
  • Trojanized system binaries
  • DLL load order hijacking
  • Malware network behavior analysis
  • Kernel mode rootkits (SSDT hooking, interrupts)
  • User mode rootkits

Day 4: Anti-reversing techniques
Day four works with various anti-reversing techniques that software developers and malware writers put in place to make reverse engineering more difficult.

  • Basic anti-reversing strategies
  • Anti-disassembly
  • Detecting debuggers
  • Detecting VM presence
  • Analyzing packed executables
  • Popular packers (UPX, PECompact, ASPack, etc.)
  • Simple obfuscation techniques (XOR swap, junk code, etc.)
  • Obscuring through data flow and control flow
  • Constant unfolding
  • Deobfuscation tools
  • Base64 and other encoding schemes
  • Common ciphers and encoding schemes
  • Reversing ransomware

Day 5: Advanced reversing topics & CREA exam
Day five covers advanced reversing topics as well as the CREA exam. The day ends with you taking the CREA exam.

  • Recognizing C++ binaries
  • Identifying constructors and destructors
  • RTTI
  • 64-bit architecture
  • WoW64
  • 64-bit analysis
  • CREA exam overview
  • CREA exam