Reverse Engineering Malware Training Boot Camp
Learn how to reverse engineer and analyze malware! Reverse engineering is a vitally important skill for today’s expert security professional. Keep your organization safe by digging into the viruses, Trojans and rootkits being used by cybercriminals.
Become a Certified Reverse Engineering Analyst, guaranteed!
- Five days of expert, live Reverse Engineering training
- Exam Pass Guarantee
- Exam voucher
- Unlimited practice exam attempts
- 100% Satisfaction Guarantee
- Free annual Infosec Skills subscription ($599 value!)
- 1-year access to all boot camp video replays and materials
- Onsite proctoring of exam
- Pre-study learning path
- Knowledge Transfer Guarantee
Hands-on labs
Learn the methodologies, tools, and manual reversing techniques used in real-world situations in our cloud-hosted reversing engineering lab. You’ll learn how to analyze:
- Hostile code and malware, including ransomware, worms, viruses, Trojans, rootkits and bots
- Vulnerabilities in binaries, including format string vulnerabilities, buffer overflow conditions and the identification of flawed cryptographic schemes
- Binary obfuscation schemes used by hackers, Trojan writers and copy protection algorithms
- Additionally, you will learn how to recognize the features of modern optimizing compilers and how to use various hex editors, binary analysis programs and code coverage analyzers
Training overview
Infosec’s hands-on Reverse Engineering Boot Camp teaches you the necessary analytical skills to discover the true nature of any Windows binary. You’ll learn how to recognize the high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of hostile code and malware, vulnerabilities in binaries, binary obfuscation schemes and more.
You will gain hands-on experience with popular commercial and open-source decompilers and debuggers, as well as learn how to use various hex editors, binary analysis programs and code coverage analyzers. The boot camp also prepares you to pass the Certified Reverse Engineering Analyst (CREA) exam.
What you’ll learn
- Static and dynamic analysis
- Analyzing malware functionality and behavior
- Anti-reversing techniques
- Detecting debuggers
- Advanced reversing topics & CREA exam
Who should attend
- Malware analysts
- Security researchers
- Professionals looking to gain a technical understanding of malware
- Anyone looking to improve their malware analysis and reverse engineering skills
Prerequisites
- Firm understanding of the Windows Operating System
- Firm understanding of computer architecture concepts
- Grasp of the TCP/IP protocols
If you are unsure if you meet the required prerequisites, contact us for a quick network security training skill check.
Everything you need to earn your CREA
- Five days of expert, live Reverse Engineering training
- Exam Pass Guarantee
- Exam voucher
- Unlimited practice exam attempts
- 100% Satisfaction Guarantee
- Free annual Infosec Skills subscription ($599 value!)
- 1-year access to all boot camp video replays and materials
- Onsite proctoring of exam
- Pre-study learning path
- Knowledge Transfer Guarantee
Exam Pass Guarantee
We guarantee you’ll pass your exam on the first attempt. Learn more.
Reverse engineering training schedule
Infosec’s reverse engineering training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.
- Before your boot camp
-
Start learning now. You’ll get immediate access to all the content in Infosec Skills so you can prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
-
- During your boot camp
-
Day 1: Introduction to malware analysis and reverse engineering
Day one focuses on the fundamental knowledge required for malware analysis and reverse engineering. This day is designed to build critical skills required to proceed further into deeper discussions on reversing. You will also train on special-purpose reversing debuggers and disassemblers. Lab exercises will focus on the functionality of various reversing tools and basic static and dynamic analysis processes.- Basic static and dynamic analysis
- Reverse engineering concepts and legality
- Machine code
- Assembly language
- System- and code-level reversing
- Assembly basics (registers, operands, instructions)
- Fundamentals of reverse engineering tools (IDA Pro, Radare2)
Day 2: Static and dynamic analysis
Day two encompasses a deep discussion with hands-on content for reversing Windows binaries. Key concepts include identifying code paths, control functions and developing a general understanding of the code to be analyzed. Debugging concepts are introduced and practiced in hands-on lab exercises.- Recognizing C Code constructs in assembly
- Windows API
- Windows Registry
- Network APIs
- DLLs
- Processes, threads and services
- Debugging process (stepping, breakpoints, modifying execution)
- Kernel debugging
- Debugging tools
Day 3: Analyzing malware functionality and behavior
Day three includes detailed coverage on reverse engineering malware. Focus is on live malware reversing using examples of viruses, Trojans and rootkits collected from the wild.- Understanding common malware types and functionality
- Process injection and replacement
- DLL injection
- Direct, hook and APC injection and other malware launching technique
- Registry persistence
- Svchost.exe
- Trojanized system binaries
- DLL load order hijacking
- Malware network behavior analysis
- Kernel mode rootkits (SSDT hooking, interrupts)
- User mode rootkits
Day 4: Anti-reversing techniques
Day four works with various anti-reversing techniques that software developers and malware writers put in place to make reverse engineering more difficult.- Basic anti-reversing strategies
- Anti-disassembly
- Detecting debuggers
- Detecting VM presence
- Analyzing packed executables
- Popular packers (UPX, PECompact, ASPack, etc.)
- Simple obfuscation techniques (XOR swap, junk code, etc.)
- Obscuring through data flow and control flow
- Constant unfolding
- Deobfuscation tools
- Base64 and other encoding schemes
- Common ciphers and encoding schemes
- Reversing ransomware
Day 5: Advanced reversing topics & CREA exam
Day five covers advanced reversing topics as well as the CREA exam. The day ends with you taking the CREA exam.- Recognizing C++ binaries
- Identifying constructors and destructors
- RTTI
- 64-bit architecture
- WoW64
- 64-bit analysis
- CREA exam overview
- CREA exam
-
- After your boot camp
-
Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.
-
Free reverse engineering training resources
Sign up