• Delhi 2019

Slaying the RE dragon: Mastering Reverse Engineering

Sudhakar Verma & Krishnakant Patil


Trainer Name: Sudhakar Verma & Krishnakant Patil
Title: Slaying the RE dragon: Mastering Reverse Engineering
Duration: 2 Days
Dates: 9th - 10th October 2019

Overview

Have you ever looked at programs and wondered how they function? How to analyze and debug the operating system and malware? Found a bug, or got infected by malware?

We will try to answer these questions with fun tasks while learning the methods and tools we need in the process.

Topics

Day 1 - Basics

This day focuses on bringing each participant to the same level of comfort and understanding of the underlying systems.

  • Introduction and recap of the homework - binary/file format internals, linkers/loaders, OS internals, virtual address space, general assembly gotchas, basic x86{64}, trivia and jargon
  • Mapping assembly to higher-level code in C/C++, common pitfalls in C++ reversing
  • Putting theory into practice: reconnaissance to understand the target
    • System monitoring techniques
    • Working with your favourite disassemblers and various static analysis tools to understand program properties
    • Understanding control and data flow - basic blocks, CFG and other program elements
    • Tracing program execution, basic debugging and tracing

Day 2 - Analysis - Static and Dynamic

This day focuses on solving the various tasks involved in day-to-day malware/vulnerability analysis and on acquiring the intermediate skills needed to reverse engineer complex software. This day will focus on tracing, scripting, automating analysis and writing your own tools.

  • Case study 1: Crash analysis to understand the vulnerability root cause
    • Understanding the reason for the application crash; backtracking to understand entry of the application
    • How to analyze crashes?
      • Fixing symbols
      • Source-to-symbol mapping
      • Figuring out data structures
      • Fix?

What to Expect?

Interesting and functional solutions to challenges involved in the reverse engineering workflow.

Who should attend

  • Cyber Security Experts, Penetration Testers, Cyber Security Analysts

Prerequisites

  • Knowledge of assembly and file formats is preferred
  • A combination of C/C++ and Python to write tools

What to Bring

  • Laptop with admin privileges
  • VMware Workstation or VMPlayer
  • Minimum 50 GB of storage.
  • Minimum 4 GB RAM for virtual machines.

Trainer Profiles

Sudhakar is a Security Researcher at Payatu Software Labs. He has 4+ years of experience around reversing, exploitation, CTFs and software development. He is passionate about all things exploitation and maths. He is currently the chapter lead for Null - The Open Security Community Pune chapter. In the past he has given talks at local Null meetups and BSides Delhi.
Follow him on Twitter: @_sudhackar

Krishnakant is a Vulnerability Researcher at Payatu Software Labs. He has over 8 years of experience in software development and reverse engineering. He is passionate about vulnerability discovery, exploit development and program analysis. He has successfully conducted many workshops and hands-on sessions on malware analysis and reverse engineering in local meetup groups, and also conducted a workshop on the art of instrumentation at BruCON 2018.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved