Course essentials
Boot camp at a glance
-
Method
Online, in-person, team onsite
-
Duration
5 days
-
Experience
1-3 years
What you'll learn
Training overview
Infosec’s hands-on Reverse Engineering Boot Camp teaches you the necessary analytical skills to discover the true nature of any Windows binary. You’ll learn how to recognize the high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of hostile code and malware, vulnerabilities in binaries, binary obfuscation schemes and more.
You will gain hands-on experience with popular commercial and open-source decompilers and debuggers, as well as learn how to use various hex editors, binary analysis programs and code coverage analyzers. The boot camp also prepares you to pass the Certified Reverse Engineering Analyst (CREA) exam.
Award-winning training you can trust
What's included
Everything you need to know
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
- Onsite proctoring of exam
- Pre-study learning path
- Unlimited practice exam attempts
Syllabus
Training schedule
Day 1
Introduction to malware analysis and reverse engineering
- Basic static and dynamic analysis
- Reverse engineering concepts and legality
- Machine code
- Assembly language
- System- and code-level reversing
- Assembly basics (registers, operands, instructions)
- Fundamentals of reverse engineering tools (IDA Pro, Radare2)
Introduction to malware analysis and reverse engineering continued
- Basic static and dynamic analysis
- Reverse engineering concepts and legality
- Machine code
- Assembly language
- System- and code-level reversing
- Assembly basics (registers, operands, instructions)
- Fundamentals of reverse engineering tools (IDA Pro, Radare2)
Optional group & individual study
Day 2
Static and dynamic analysis
- Recognizing C Code constructs in assembly
- Windows API
- Windows Registry
- Network APIs
- DLLs
- Processes, threads and services
- Debugging process (stepping, breakpoints, modifying execution)
- Kernel debugging
- Debugging tools
Static and dynamic analysis continued
- Recognizing C Code constructs in assembly
- Windows API
- Windows Registry
- Network APIs
- DLLs
- Processes, threads and services
- Debugging process (stepping, breakpoints, modifying execution)
- Kernel debugging
- Debugging tools
Optional group & individual study
Day 3
Analyzing malware functionality and behavior
- Understanding common malware types and functionality
- Process injection and replacement
- DLL injection
- Direct, hook and APC injection and other malware launching techniques
- Registry persistence
- Sxchost.exe
- Trojanized system binaries
- DLL load order hijacking
- Malware network behavior analysis
- Kernel mode rootkits (SSDT hooking, interrupts)
- User mode rootkits
Analyzing malware functionality and behavior continued
- Understanding common malware types and functionality
- Process injection and replacement
- DLL injection
- Direct, hook and APC injection and other malware launching techniques
- Registry persistence
- Sxchost.exe
- Trojanized system binaries
- DLL load order hijacking
- Malware network behavior analysis
- Kernel mode rootkits (SSDT hooking, interrupts)
- User mode rootkits
Optional group & individual study
Day 4
Anti-reversing techniques
- Basic anti-reversing strategies
- Anti-disassembly
- Detecting debuggers
- Detecting VM presence
- Analyzing packed executables
- Popular packers (UPX, PECompact, ASPack, etc.)
- Simple obfuscation techniques (XOR swap, junk code, etc.)
- Obscuring through data flow and control flow
- Constant unfolding
- Deobfuscation tool
- Base64 and other encoding schemes
- Common ciphers and encoding schemes
- Reversing ransomware
Anti-reversing techniques continued
- Basic anti-reversing strategies
- Anti-disassembly
- Detecting debuggers
- Detecting VM presence
- Analyzing packed executables
- Popular packers (UPX, PECompact, ASPack, etc.)
- Simple obfuscation techniques (XOR swap, junk code, etc.)
- Obscuring through data flow and control flow
- Constant unfolding
- Deobfuscation tool
- Base64 and other encoding schemes
- Common ciphers and encoding schemes
- Reversing ransomware
Optional group & individual study
Day 5
Advanced reversing topics
- Recognizing C++ binaries
- Identifying constructors and destructors
- RTTI
- 64-bit architecture
- WoW64
- 64-bit analysis
CREA exam review
CREA exam
Guaranteed results
Our boot camp guarantees
Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.
You're in good company
The instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.
Erik Heiss, United States Air Force
I really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.
Michelle Jemmott, Pentagon
The course was extremely helpful and provided exactly what we needed to know in order to successfully navigate the exam. Without this I am not confident I would have passed.
Robert Caldwell, Salient Federal Solutions
Enroll in a boot camp
Explore our top boot camps
More learning opportunities
-
Most popularBoot camp
CompTIA Security+ Training Boot Camp
Infosec’s CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You’ll learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Learn More
-
#1 FOR BEGINNERSBoot camp
Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification
Infosec’s authorized CCNA Dual Certification Boot Camp helps you build your knowledge of networking and provides hands-on experience installing, configuring and operating network devices — all while preparing you to earn two Cisco certifications.
Learn More
-
Most requestedBoot camp
(ISC)² CISSP® Certification Training and Boot Camp
Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec’s CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.
Learn More