Reverse Engineering Malware Training Boot Camp

Learn how to reverse engineer and analyze malware! Reverse engineering is a vitally important skill for today’s expert security professional. Keep your organization safe by digging into the viruses, Trojans and rootkits being used by cybercriminals.

★★★★☆

4.1

(25 ratings)

93% exam pass rate

View Pricing

Become a Certified Reverse Engineering Analyst, guaranteed!

Exam Pass Guarantee (live online)
100% Satisfaction Guarantee
Certified Reverse Engineering Analyst (CREA) exam voucher
Unlimited CREA practice exam attempts
Five days live, expert reverse engineering instruction (live online or in-person)
Immediate access to Infosec Skills — including a bonus reverse engineering boot camp prep course — from the minute you enroll to 90 days after your boot camp
Learn by doing with 100s of additional hands-on courses and labs
90-day access to all boot camp video replays and materials
Knowledge Transfer Guarantee

Hands-on labs

Learn the methodologies, tools, and manual reversing techniques used in real-world situations in our cloud-hosted reversing engineering lab. You’ll learn how to analyze:

Hostile code and malware, including ransomware, worms, viruses, Trojans, rootkits and bots
Vulnerabilities in binaries, including format string vulnerabilities, buffer overflow conditions and the identification of flawed cryptographic schemes
Binary obfuscation schemes used by hackers, Trojan writers and copy protection algorithms
Additionally, you will learn how to recognize the features of modern optimizing compilers and how to use various hex editors, binary analysis programs and code coverage analyzers

View full course schedule

Training overview

Infosec’s hands-on Reverse Engineering Boot Camp teaches you the necessary analytical skills to discover the true nature of any Windows binary. You’ll learn how to recognize the high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of hostile code and malware, vulnerabilities in binaries, binary obfuscation schemes and more.

You will gain hands-on experience with popular commercial and open-source decompilers and debuggers, as well as learn how to use various hex editors, binary analysis programs and code coverage analyzers. The boot camp also prepares you to pass the Certified Reverse Engineering Analyst (CREA) exam.

What you’ll learn

Static and dynamic analysis
Analyzing malware functionality and behavior
Anti-reversing techniques
Detecting debuggers
Advanced reversing topics & CREA exam

Who should attend

Malware analysts
Security researchers
Professionals looking to gain a technical understanding of malware
Anyone looking to improve their malware analysis and reverse engineering skills

Prerequisites

Firm understanding of the Windows Operating System
Firm understanding of computer architecture concepts
Grasp of the TCP/IP protocols

If you are unsure if you meet the required prerequisites, contact us for a quick network security training skill check.

Everything you need to earn your CREA

Exam Pass Guarantee (live online)
100% Satisfaction Guarantee
Certified Reverse Engineering Analyst (CREA) exam voucher
Five days live, expert reverse engineering instruction (live online or in-person)
Reverse engineering boot camp prep course
Learn by doing with 100s of additional hands-on courses and labs
90-day access to all boot camp video replays and materials
Knowledge Transfer Guarantee

View Pricing

Exam Pass Guarantee

We guarantee you’ll pass your exam on the first attempt. Learn more.

Reverse engineering training schedule

Infosec’s reverse engineering training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

Before your boot camp
- Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth reverse engineering prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
During your boot camp
- Day 1: Introduction to malware analysis and reverse engineering
  Day one focuses on the fundamental knowledge required for malware analysis and reverse engineering. This day is designed to build critical skills required to proceed further into deeper discussions on reversing. You will also train on special-purpose reversing debuggers and disassemblers. Lab exercises will focus on the functionality of various reversing tools and basic static and dynamic analysis processes.
  - Basic static and dynamic analysis
  - Reverse engineering concepts and legality
  - Machine code
  - Assembly language
  - System- and code-level reversing
  - Assembly basics (registers, operands, instructions)
  - Fundamentals of reverse engineering tools (IDA Pro, Radare2)
  Day 2: Static and dynamic analysis
  Day two encompasses a deep discussion with hands-on content for reversing Windows binaries. Key concepts include identifying code paths, control functions and developing a general understanding of the code to be analyzed. Debugging concepts are introduced and practiced in hands-on lab exercises.
  - Recognizing C Code constructs in assembly
  - Windows API
  - Windows Registry
  - Network APIs
  - DLLs
  - Processes, threads and services
  - Debugging process (stepping, breakpoints, modifying execution)
  - Kernel debugging
  - Debugging tools
  Day 3: Analyzing malware functionality and behavior
  Day three includes detailed coverage on reverse engineering malware. Focus is on live malware reversing using examples of viruses, Trojans and rootkits collected from the wild.
  - Understanding common malware types and functionality
  - Process injection and replacement
  - DLL injection
  - Direct, hook and APC injection and other malware launching technique
  - Registry persistence
  - Svchost.exe
  - Trojanized system binaries
  - DLL load order hijacking
  - Malware network behavior analysis
  - Kernel mode rootkits (SSDT hooking, interrupts)
  - User mode rootkits
  Day 4: Anti-reversing techniques
  Day four works with various anti-reversing techniques that software developers and malware writers put in place to make reverse engineering more difficult.
  - Basic anti-reversing strategies
  - Anti-disassembly
  - Detecting debuggers
  - Detecting VM presence
  - Analyzing packed executables
  - Popular packers (UPX, PECompact, ASPack, etc.)
  - Simple obfuscation techniques (XOR swap, junk code, etc.)
  - Obscuring through data flow and control flow
  - Constant unfolding
  - Deobfuscation tools
  - Base64 and other encoding schemes
  - Common ciphers and encoding schemes
  - Reversing ransomware
  Day 5: Advanced reversing topics & CREA exam
  Day five covers advanced reversing topics as well as the CREA exam. The day ends with you taking the CREA exam.
  - Recognizing C++ binaries
  - Identifying constructors and destructors
  - RTTI
  - 64-bit architecture
  - WoW64
  - 64-bit analysis
  - CREA exam overview
  - CREA exam
After your boot camp
- Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your CREA exam, get a head start on your next certification goal or start earning CPEs.

Free reverse engineering training resources

Malware Analysis and Reverse Engineering

If you are planning to get started with malware analysis and reverse engineering, this article can be a good starting point.

See Resources

Hacking Tools: Reverse Engineering

Reverse engineering refers to the duplication of another producer’s product following a thorough examination of its construction or composition. Learn more about the tools in this article.

Learn More

Reverse Engineering Obfuscated Assemblies [Updated 2019]

This article introduces you to code obfuscation and how we can deal with obfuscated assemblies when talking about reverse engineering.