• Home
• Bootcamps + Certification
• Consulting
• Contact
• Imprint/AGB
• Jobs
• University
• RSS

Reverse Code Engineering / Binary Analysis Advanced Bootcamp (Prato, Italy)

Reverse-engineering is become more mainstream every day. It is no longer a secret coven aimed toward defeating copy-protections. It has been more accessible to everybody in the past recent years due to the development of more user-friendly tools and documentation. As a side-effect, virus and trojan makers have also improved their skill, making it more difficult to analyse their latest creation running rampant in the wild of the internet. Analysing malicious code is a way to protect yourself or your company with a more critical eye. Reverse-Engineering is slowly becoming a fundamentally required skill in the field of software developing. As projects get more complicated and often handled by many different persons, bug-tracking is getting tedious and can stall application development. Even incompatibility between different versions of a same operating systems could be investigated that way. Security professionals from around the world have a particular need to look under the hood at the internal workings of applications and operating systems. Staying ahead of the curve is a necessity in all domains of computer security. Looking at a software from the processor’s point-of-view with today’s most powerful tools is the best way to prevent future threats that could cripple a company or cause losses of revenues due to unadequate protection.

Reverse Engineering is a critical skill

This discipline allows to look at programs beyond the macroscopic level, from a backstage all-access point-of-view. Hackers increasingly used obfuscated or protected code that are not detected by antivirus (0-day threats). Vulnerabilities in binary programs can be readily identified using standard reverse-engineering methodology. Closed-source programs do not reveal their secrets easily without poking and proding. Efficient bug-tracking can save many man/hours when developing software. Compilers with IDE are often limited by their restricted debugging capabilities. With incompabilities from one version of a same OS to the other, using an assembly-level debugger is often the most effective solution. Reverse-engineering is also an intrinsic part of knowing how commercial copy protection softwares operate. Knowing yourself what makes a protection scheme better than another is a great advantage when comes the time to protectect your own applications. A protection scheme is only as strong as it’s weakest link. Reverse Engineering teaches you how to find it as simply and quickly as possible.

What you will learn

This bootcamp was designed for students who already have a basic understanding of x86 assembly and want to learn the art of reverse code engineering. IDA Pro and OllyDbg are the main programs that will be used along with several other public tools that will be distributed on-site and other plugins will be created by the student themselves as a learning objective. The PE file format protections and the forsensics approach to analysing a protected binary executable will be the main focuses of the course. Some advanced reverse-engineering techniques will also be taught such as:

• Building a project with IDA Pro
• Cross-Platform debugging
• Unpacking a protected binary
• Tracking buffer overflows

In this 3 day hands-on course, you will gain the necessary binary analysis skills to discover the true nature of any Windows binary. You will learn how to recognize the high level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of:

• Hostile Code & Malware, including: Worms, Viruses, Trojans, Rootkits and Bots.
• Vulnerabilities in Binaries, including: Format string vulnerabilities, buffer overflow conditions, and the identification of flawed cryptographic schemes
• Binary obfuscation schemes, used by: Hackers, Trojan writers and copy protection algorithms

IITAC will train you on the standard reverse engineering program IDA Pro.

The content in detail

• Introduction to Assembler and Binary Analysis (Critical importance of Reverse Code Engineering for IT companies)
• The PE Header Sections (Advanced IAT and EAT analysis, Detailed PE Structure PE Header Rebuilding)
• Advanced Cryptography (Symmetric and Asymmetric ciphers and hashes, RSA cipher, Blowfish cipher, MD5 hash, Other ciphers and hashes)
• Unpacking Techologies (Original Entry Point, Dumping of an executable, IAT rebuilding, Full dumps and partial dumps, Anti-unpacking technologies)
• Advanced Debugging (Windows SEH chain, Anti-Debugging technologies, Windows Debugging API, Understanding Application Loaders, Complex Debugging Problems)
• Application’s Code Vulnerabilities (Common code vulnerabilities, Weak points research in IDA Pro, Code-Flow analysis, Binary Analysis)

How You Benefit

The demand for reverse-engineers as highly increased during the recent past years, leading toward a more recognised profession. Security professionals, vulnerability researcher and byte code auditors are highly regarded in the world of IT, with an ever-growing need for more qualified and experienced experts. Getting a better-understanding of the inner workings of the Windows Operating System and application-level debugging is time-saving during software development. Knowing how to find more detailed information about bugs and solving them yourself, giving you the knowledge to draw more accurate conclusions based on reverse engineering rather than seeking the web for an hypothetical answer.
By getting training with real-world malware and the latest tools and techniques, you will stay a step ahead of the others when competing for the same position. Reverse-engineering will always an ace in your sleeve that will be used on a day-to-day basis quite rapidly.

How the Course is Run

This course is by no means a 3-day lecture. Instead, you will be engaged in a number of individual and group hands-on exercises to reinforce and solidify everything that is taught in the class. Some of the exercises are held in a competitive nature, followed by class discussion to pin point elegant approaches and solutions that various individuals or groups may have used. Despite the fact that the course is held in Italy, Germany or Canada, take home exercises will be available for the type-A personalities attending the course. The course can be available in alternate languages depending on the selected location.

What’s Included

• 5 Days of Expert Instruction from a senior instructor with real-world experience and deep knowledge of course content.
• Guaranteed small class size (less than 12 Students), you get an intimate learning setting not offered at any of our competitors.
• IITAC Reverse Code Engineering DVD with +2.5 GB. Includes every program covered in the course for at home study, development tools, Reverse Code Engineering Tools, over 6000 well sorted training files, video + training material (+340 files). Please note: IDA Pro is NOT included and has to be purchased by the participant before the bootcamp!
• Snacks and refreshments included.
• IITAC Certified Reverse Code Engineering Practitioner (CRCEp) exam fees for the certification according to ISO/IEC 17024.
• Lecture and Lab Exercises.

Who Should Attend

If you are interested in the field of reverse engineering, want to learn how to dissect malware, search for security vulnerabilities, want to discuss cutting edge technologies, techniques and ideas then this class is for you.

Learning Environment

Against to direct class materials, slides and hands-on exercises, students will have many opportunities to engage in one-on-one questions with instructors. Students get trained the practical way with intensive supervision. As students bring their own laptop, work done during the bootcamp gets not lost. Furthermore, students will be divided into groups by experience to foster student-student knowledge transfer as well.

What to bring

Students must bring their own laptop running an installation of Microsoft® Windows® 2000, XP, Vista or 2003 either natively or within a virtual machine. Students should install and begin to familiarize themselves with DataRescue IDA Pro. A demo copy of IDA Pro is available from DataRescue. You need a full licensed copy of IDA Pro! Students should also have the Windows version of Python installed. VMWare Desktop with already configured Windows and Linux virtual machines. All other tools will be provided for the students in the class room. Prospective students should be comfortable operating Microsoft Windows and have a basic understanding of x86 assembly and reverse-engineering concepts.

Pricing

Bootcamp pricing is 3499 USD per Person. Minimum of 6 participiants, maximum of 16 participiants.

Comments

• Security Labs Blog

  • IT Underground XI 2008: The Damn Vulnerable Linux Project - Steps beyond ethical hacking! (by T. Schneider)
    
  • IT Underground XI 2008: 64-bit Imports Rebuilding and Unpacking (by S. Doucet)
    
  • RECON2008 talk: 64-bit Imports Rebuilding and Unpacking by Sébastien Doucet (IITAC)
    
  • IITAC - Sponsor of the RECON conference! Free IDA Pro training!
    
  • Microsoft Security Risk Management Guide - Worth a look?
    

• Upcoming Bootcamps

  • 18 November:
    • Reverse Code Engineering / Binary Analysis Advanced Bootcamp (Prato, Italy) (9:00 am)
  • 24 November:
    • Delphi Development Advanced Bootcamp (Prato, Italy) (9:00 am)

• IDA Pro Training

  Get trained to analyze malware, vulnerability or copy protections with the no. 1 binary analysis tool IDA Pro!

  Cognitive Debugging^™

  The debugging skill of the programmer is probably the biggest factor in the ability to debug a problem, but the difficulty of software debugging varies. Cognitive Debugging^™ trains debugging with respect to brain and mental abilities! Both combined result is most powerful debugging results!

  Scientific Hacking^™

  Go far beyond classical ethical hacking! Instead of using tools only look under the hood, instead of making multiple choice tests only get certified by true practical assessments!

• Get in touch

  Get in touch with our sales team! sales@iitac.org

• Get your free copy!

  

• Security Consulting

  IITAC offers additional services such as Secure Software Development, Binary Auditing, Copy Protection, Digital Rights Management, Security Concepts and Security Consulting!

  Action-based Training^™

  IITAC professional bootcamps enhances your qualification. We provide courses, seminars, trainings and workshops in the field of IT Security, Secure Software Engineering and Software Engineering. Online training activities are supported by training videos or live online events.

  Certification acc. ISO 17024

  Get certified according to ISO/IEC 17024 100% online! No need to travel around! Learn whenever you want, where you want! Get certified home exercise like… without time pressure!

• Tag Cloud

  Binary Analysis Secure Software Engineering ChimpRec Software Development IDA Pro ISO/IEC 17024 Job Malware Analysis talk Reverse Code Engineering Decompilation Binary Auditing RECON 2008 Bootcamp CIDAP Certified IDA Pro Professional conference Enterprise Sales Manager Certification IT Security