• Hyderabad'17
  • Training
  • Reverse Engineering & Malware Analysis

Reverse Engineering & Malware Analysis

ABHISHEK DATTA

Trainer Name: Abhishek Datta
Title: Reverse Engineering & Malware Analysis
Duration: 2 Days

Objective

Malwares being complex, ever evolving & highly evasive, organizations have tough time containing them. A good Malware Analyst becomes an indispensable asset of the Incident Response and Security Operations team. Having deep understanding of malware behaviors helps to detect them sooner, contain them effectively and minimize potential losses. For a strong hold on the art & Science of Malware Analysis here is the Best course which offers strong foundation with Reversing Engineering and Malware Analysis by Abhishek Datta.
Abhisek has designed this very popular course that imparts sound understanding of programming, debugging and x86 assembly language to the art of Software Reverse Engineering and Malware Analysis with coverage of Windows platform. Various use-cases for Reverse Engineering and Malware Analysis along with live examples will be demonstrated during the session in order to impart a practical and result oriented training to the participants. The Course is designed in an engaging CTF format which encourages the participants to try out various tools and techniques discussed during the session.



Course Content

  • Win32 Platform Overview
    • Platform Components Overview
    • Process Tracing and Analysis Tools
    • API Hooking Techniques
    • Debugging Tools for Windows
    • Scripted Debugging
  • PE File Format Overview
    • Headers, Sections, IAT, Exports, Relocation Table etc.
    • PE Loader Workflow
    • Custom PE Loader Development
  • x86 Assembly Language
    • Quick Introduction to x86 Architecture and Platform
  • Components
    • x86 Assembly Programming Basics
  • Static Analysis using IDA Pro
    • Program Disassembly and Walkthrough
    • Control Flow Graph
    • Call Graph
    • Bypassing Anti-Disassembler Techniques
  • Dynamic Analysis
    • Sysinternals Suite
    • Win32 Debugging API
    • Scripted Debugging & Process Analysis
    • Dynamic Binary Instrumentation using PIN
  • Malware Analysis Techniques
    • Introduction to Malware Classes
    • Dynamic Analysis of Malwares
    • Online Anti Virus Services
    • Malware Classification
    • Sandboxed Analysis
    • Sandboxie
    • Online Sandbox Services
    • Building your own Sandbox for Malware Analysis
    • Building a Malware Analysis Lab
  • Advanced Malware Analysis
    • Anti-Analysis Techniques
    • Unpacking Packed/Protected Executables
    • Rootkit Techniques
    • Rootkit Analysis using Live Memory Acquisition and Memory
  • Forensics
    • File Format Exploit Analysis
  • Web Malware Analysis
    • Drive by Downloads
    • Analyzing Malicious Java Applets
    • Analyzing Malicious SWF Files
    • Analyzing Javascript Malwares

Who Should Attend?

  • Information Security Professionals
  • Anyone interested in Learning Malware Analysis Tools and Techniques
  • Anyone interested in building Professional Malware Analysis Infrastructure

Why attend?

Upon completion of this course, participants will be able to :

  • Understand Win32 Platform in greater detail and perform Runtime Process Analysis
  • Understand Portable Executable File Format
  • Develop expertise in Analyzing different classes of Malwares
  • Develop expertise in building Malware Analysis Infrastructure

Prerequisites

  • Must have
    • Basic knowledge of C/C++ Programming
    • Basic knowledge of Perl/Python/Ruby Scripting
    • Basic knowledge of TCP/IP Networking
    • Familiarity with Virtual Machine Tools like VMware/VirtualBox
    • Familiarity with a Programmer's Text Editor (You MUST NOT code in Notepad)
  • Should have
    • Familiarity with x86 Assembly Language
    • Familiarity with Win32 Debuggers

What to Bring

  • Must have
    • Laptop with WiFi Support
    • Windows/Linux/OSX as base OS (preferably Ubuntu Linux)
    • Virtual Machines
    • Windows XP
    • Any Linux Distribution
    • Software (or Installers)
    • Ruby 1.9.x
    • Python 2.7.x
  • Should have
    • Malware Samples
    • Multiple Virtual Machines for Windows XP, Windows 7 etc
    • Questions and Doubts

What to expect

  • An interactive hands-on training session with live examples
  • Lots of coding and debugging sessions

What not to expect

  • Programming Language Coaching
  • Anything not related to Reverse Engineering!

About the Trainer

Abhisek Datta is the Founder and Principal Consultant at 3S Labs, a Security Services startup based out of Bangalore, India, specializing in Vulnerability Research and Penetration Testing services.

Previously he was employed with iViZ Techno Solutions Pvt Ltd as the Head of Research. He was responsible for leading the Vulnerability Research Team along with involvement in Security Tools development. He has extensive experience in the field of Network and Application Penetration Testing, Exploit Development, Reverse Engineering and Malware Analysis.

Some of his Open Source work is available at:https://github.com/abhisek/

Copyright © 2016-17 | Nullcon India | International Security Conference | All Rights Reserved