About The Training
Goa 2025 | Trainings
- AI Security: Terminating The Terminator
- Advanced Infrastructure Security Assessment
- Attack and Defend Software Supply Chains
- Azure Cloud Attacks for Red and Blue Teams
- Blocking the Storm: A Hands-On Guide to Hardening and Securing Kubernetes Clusters
- DevSecOps - A Hands-on Experience
- Efficient Malware Analysis: Comprehensive Approach
- HackTheWeb: Pentesting Beyond Basics
- Hacking Android Applications
- IoT Security Bootcamp GOA Edition
- Rapid Threat Model Prototyping (RTMP) - Agile Threat Modeling Mastery including Cloud and AI
- Slaying the RE Dragon: Mastering Reverse Engineering
- The Application Security Tool Stack - How to Discover Vulnerabilities in Software
Slaying the RE Dragon: Mastering Reverse Engineering
Start Date: Mar 03, 2025
End Date: Mar 05, 2025
Venue: TBA
This program is a comprehensive workshop aimed at individuals interested in cybersecurity, particularly in reverse engineering, malware analysis, and vulnerability research.
We cover problem-solving, tool familiarization, automation and scripting, and other advanced techniques during the course.
Intermediate
Day 1 - Basics:
- Introduction to the workshop's objectives and overview of the topics to be covered.
- Recap and review of pre-workshop homework, ensuring all participants are on the same page.
- Delving into the internals of binary/file formats, linkers/loaders, and operating system internals to build foundational knowledge.
- Exploring virtual address space and understanding assembly language concepts, particularly focusing on x86{64} architecture.
- Introduction to essential tools used in reverse engineering and malware analysis.
Day 2 - Warmup:
- Connecting assembly code to higher-level languages like C/C++, and identifying common pitfalls in C++ reversing.
- Practical exercises in reconnaissance to understand the target system.
- Learning system monitoring techniques and using various disassemblers and static analysis tools to analyze program properties.
- Understanding control and data flow within programs, including basic blocks and control flow graphs.
- Introduction to basic debugging and tracing techniques.
Day 3 - Analysis - Static and Dynamic:
- Tracing, scripting, and automating analysis tasks, with a focus on writing custom tools.
- Hands-on exercises to acquire intermediate skills necessary for reverse engineering complex software.
- Progressing from basic reversing techniques to bypassing novel malware evasion techniques.
- Applying knowledge, tools, and techniques learned throughout the workshop to identify common traits of malware.
- Expectation of providing functional solutions to challenges encountered during reverse engineering workflows.
- Laptop with admin privileges
- VMware Workstation or VMPlayer
- Minimum 50 GB of storage.
- Minimum 4 GB RAM for virtual machines.
- Knowledge of assembly and file formats is preferred
- A combination of C/C++ and Python to write tools
Cyber Security Experts, Penetration Testers, Cyber Security Analysts etc.
If you want to learn techniques that could help you in analyzing malware, build tools for vulnerability research with reverse engineering, or automate analysis, this workshop is for you.
- Interesting and functional solution to challenges involved in the reverse engineering workflow.
- The learning curve for people new to reversing is pretty steep and can be overwhelming.
- Expect to cover a wide range of technical topics within a short span of time.
Virtual machines for labs, access to the CTF platform
Although we try to be as comprehensive as possible, this is not a complete workshop for everything you need. We probably won't cover a specific write-up of an analysis you read or maybe your favorite tool.
We take feedback every day at the end and try to tailor content to fit everyone's needs.
We expect people from a lot of different backgrounds to attend and try to be welcoming to everyone.
Sudhakar is a Security Engineer and currently contributes to Ubuntu's Security Team. In the past, he has worked with Crowdstrike and Payatu. He has around 7 years of experience in reversing, exploitation, CTFs, and software development. In the past, he has given talks at local Null meetups, BSides Delhi, Nullcon, and some open-source conferences.