Home / Training / Reverse Code Engineering Training

Reverse Code Engineering Training

Overview

The Reverse Code Engineering Training bootcamp provides with a high sophisticated training trail an ultimate way to show your proven excellence in the field of using Reverse Code Engineering Techniques in various IT security domains. Participants get trained with relevant standards, procedures, and methods of using the Reverse Code Engineering techniques and get trained with high practical background.

Training Goals

We often craft customized courses depending on your interests, or you can ask for a personal, 1-1 bootcamp (you and the trainer only) for an higher price to better suit your needs.

With successful training and certification participants are able to fulfil extensive binary security analysis and binary auditing processes on software systems and software security environments. The certification is optional and finalizes of the training trail.

This course was designed for students who are new to this knowledge domain or have an introductory / basic understanding of x86 assembly and reverse engineering. In this 5 day hands-on course, you will gain the necessary binary software engineering and analysis skills to discover the true nature of any x86 binary.

Certification

The Certified Reverse Code Engineering Expert™ qualification is aimed at people involved in Binary Auditing. This includes people in roles such as protectionists, malware analysts, exploit developers, security testers or software developers. This professional level qualification is also appropriate for anyone who wants an advanced understanding of Binary Auditing, such as students or security consultants.

The exam is given on-site, IITAC - International Institute has achieved a very high pass rate for this certification. Assessor is IITAC - International Institute which is a department by Cognitve Core. Certification process is according to ISO/IEC 17024. Certification assessment was provided by a certification committee. Certification is according to ISO/IEC 17024 independent of the training.

Course Structure

This is a 5 day course where the notion of rapid response is taken into consideration with each aspect, focusing on techniques and methodologies that can be applied in a timely and effective manner. We will enhance your debugging abilities such as identifying operators and operands without focusing on each letter, not sounding out all words, not sub-vocalizing some phrases, or spending less time on some structures than others, and skimming small sections. At the completion of this training, participants get applicable real world knowledge that can be directly applied.

How the Course is Run

This course is by no means a 5 day Powerpoint® Presentation Karaoke. We focus on full practical group and individual exercises with high engaged interaction with the trainer. Learning by teaching as training method is used as well as competitive training methodologies. As well we do not rely on “ethical” approaches but look under the hood to discuss appliable real life scenarios.

Learning Environment

Aside from direct class materials, hands-on exercises, students will have many opportunities to engage in one-on-one questions with instructors. Furthermore, students will be divided to pairs to support Pair-Reversing methodology which is a proven known methodology used in Pair-Programming during eXtreme Programming and agile software development.

Requirements

Persons interested should possess at least a bachelor’s degree in a related field and should have at least 2 years experience in the field of software development. We recommend a master degree. Prospective students should be comfortable operating Microsoft Windows and have a basic understanding of x86 assembly and high level programming and OS concepts.

What to Bring

Students must bring their own laptop running an installation of Microsoft® Windows® 2000, XP or 2003 either natively or within a virtual machine. Students should install and begin to familiarize themselves with HexRays IDA Pro or OllyDbg. A demo copy of IDA Pro is available from HexRays. It is highly recommended to own a copy of (minimum) IDA Pro Standard. Students should also have the Windows version of Python installed. For plugin development the IDA SDK and Visual Studio should be installed as well. All other tools will be provided for the students in the class room.

What is Included

5 Days of professional Reverse Code Engineering instruction from a professional long year experienced trainer and auditor. Small class size between min. 8 and max. 16 participants. Cognitive Core’s Binary Auditing Toolbox includes all (and more) covered in the course for at home study. All meals, snacks and refreshments included. Certified Reverse Code Engineering Expert™ exam fees are included as well.

Table of Contents

The introductory level of a Reverse Code Engineering bootcamp articulates as follow:
  1. Introduction to Reverse Code Engineering
    1. Brief History of Reversing
    2. Legality and Industry Outlook
    3. Critical Importance of RCE for Today IT Companies
    4. Assembly: Intel© Instruction Set Review
    5. Assembly: Intel© Architecture Review
    6. Assembly: Stack/Heap Mechanics
    7. Assembly: High-Level Language Code Reversing
    8. Basics of Binary Debuggers (Olly, IDA, SoftICE)
    9. Basics of Binary Disassemblers (IDA Pro)
    10. File Editors (OllyDBG, CFF Explorer, ResHack)
    11. General Utilities (FileMon, RegMon, LordPE, ImpREC)
    12. Virtual Environments (VirtualPC/VMWare, Remote Debugging)
    13. Simple Reverse Code Engineering Exercises
  2. Reverse Engineering (RCE) Techniques
    1. Introduction to IDA Professional
    2. Using IDA Pro: Fundamentals
    3. Introduction to OllyDbg Usage
    4. Breakpointing techniques, CRC
    5. Basics of Algorithm Reversing
    6. Basics of Brute-forcing
    7. Reverse Code Engineering Exercises in IDA Pro (at least 3 hours)
  3. Unpacking and the Portable Executable (PE) Format
    1. Structure of the PE (Portable Executable)
    2. Understanding the importance of PE Analysis
    3. Sections, Imports, Exports
    4. Basics of Unpacking Methodologies
    5. PE Rebuilding
    6. Reverse Code Engineering Exercises in IDA Pro (at least 2 hours)
    7. Unpacking Exercises in OllyDBG or IDA Pro (at least 2 hours)
  4. Application Analysis and Advanced Code Reversing
    1. Points of Interest's Research
    2. Code Navigation and Binary Signatures
    3. Crash Analysis and Application Debugging
    4. Advanced Reverse Code Engineering Exercises (at least 3 hours)
  5. Cryptography basics and Advanced Code Reversing
    1. Basics of Cryptography and Protocol Analysis
    2. CRC and Hashes
    3. Symmetric and Asymmetric Ciphers
    4. Advanced Reverse Code Engineering Exercises (at least 3 hours)
    5. Course Summary