Silabus Training Reverse Engineering

Oct 24, 20190 likes90 views

This 5-day course teaches reverse engineering and malware analysis skills. It covers analyzing Windows and Linux binaries to understand program flow and perform static and dynamic analysis. Topics include disassembly, decompilation, debugging, instrumentation, and patching code. The course is intended for reverse engineers, malware analysts, security engineers, incident responders, and security professionals who need to analyze and modify binaries to securely defend against evolving threats.

Syllabus Training Reverse Engineering
Overview
Reverse engineering and Malware Analysis is an important skill for today’s expert security professional.
Everything from reverse engineering and dissecting malware from discovering vulnerabilities in binaries
to analyzing malware, is required in order to properly secure an organization from today’s ever evolving
threats.
This 5-Days Course will teach you from the beginning of reverse engineering, perform binary analysis in
windows binary and linux executables files. You will learn how to recognize the high level language
constructs (such as branching statements, looping functions and network socket code) critical to
performing a thorough and professional reverse engineering analysis of a binary. After learning these
important introductory skills, this course will dig deeper into malware analysis process. The course will
teach you to perform static and dynamic malware analysis.
Who should attend?
• Reverse Engineer
• Malware Analyst
• IT Security Engineer
• Digital Forensic and Incident Responder Team
• IT Security Professional
What will I learn?
• Understand the key concepts of reverse engineering
• Performing Reverse Engineering in Windows Executables, Linux Executables
• Setup Safe Environment Lab for Reverse Engineering Analysis
• Perform Static and Dynamic Analysis
• Dump & Reconstruct Packed Application
• Trace and Modify Application
Digitally signed by Satria
Ady Pradana
DN: C=ID, OU=Training,
O=Reversing.ID,
CN=Satria Ady Pradana,
E=xathrya@reversing.id
Reason: Signed
Location:
Date: 2019-05-22 16:51:
19
Satria
Ady
Pradana

Module I – Introductions
• Introduction to Reverse Engineering
• Modern Computing Architecture
▪ x86 and ARM
▪ Operating System
Module II - Basic Identification
• Introduction to Native and Interpreted Code
• Structured and Unstructured Data
• Executable File Format
▪ Portable Executable (PE)
▪ Executable and Linking Format (ELF)
• Format Identification & Analysis
▪ Compiler, Runtime, Characteristics Identification
▪ String Extraction and Analysis
▪ File Format Analysis
Module III - Basic Program Flow
• Introduction to Programming
• Basic C programming
▪ Branching
▪ Loop
▪ Functions
• Basic Assembly Programming
▪ Opcodes and Assembly Languages
▪ Arithmetic and Logic Commands
▪ Memory Access & Segmentations
• Mapping from C to Assembly.
Module IV - Static Analysis (x86)
• Introduction to Static Analysis
• Disassembly & Decompilation
• Graph and Control Flow
• Structure Identification
• Signature Modification

• API Identification
Module V – Dynamic Analysis (x86)
• Debugging
o Introduction to Debugger
o Debugging Control (Breakpoint, Steps, Trace)
o Control Flow Modification
• Dynamic Binary Instrumentation
• Code Emulation
• Traffic Analysis
Module VI – Binary Alteration (x86)
• Code Patching
• Code Injection
• Code Cave
• Application Unpacking
o Binary Dumping
o Import Reconstruction
Module VII - Code Protection (x86)
• Anti-Disassembly
• Anti-Debugging
• Code Encryption & Dynamic Load
• Code Virtualization

The document discusses the path of cyber security and how to become a hacker or security professional. It outlines the typical steps of penetration testing: reconnaissance and analysis, vulnerability mapping, gaining access, privilege escalation, maintaining access, and covering tracks. It recommends starting with networking and programming skills, focusing on an area of expertise like web security, participating in competitions and creating a practice lab to learn. The presenter gives demonstrations on vulnerable VMs and recommends courses, CTF competitions, and building your own lab to advance your skills in security research, tool development, and operations.

How to secure HCERiscure

CSW2017 Geshev+Miller logic bug hunting in chrome on androidCanSecWest

The document describes several logic flaws in Chrome on Android that could be exploited. It discusses exploiting automatic file downloads to steal downloaded files or files from Google Drive by tricking the browser into downloading malicious files. It also describes using cross-site request forgery tokens and device IDs to programmatically install arbitrary apps from the Google Play store. The presentation aims to show how understanding application logic can lead to powerful "logic bug" exploits beyond simple memory corruption issues.

Talk28oct14mjos

This document summarizes a talk given by Dr. Markku-Juhani O. Saarinen on custom penetration testing (pentest) tools he developed called HAGRAT to simulate advanced persistent threats (APTs). Some key points: - HAGRAT includes a Windows remote access tool (RAT) and Linux command and control server to remotely control Windows systems and conduct intelligence gathering. - It was developed over 3 months for $30,000 specifically to test organizations' defenses against APTs in a safe, controlled manner. - HAGRAT remains undetected after 18 months due to limited and controlled usage. It penetrates firewalls using HTTP and looks like normal browser traffic to avoid detection

CSW2017 chuanda ding_state of windows application securityCanSecWest

This document discusses shared libraries and security vulnerabilities in Windows applications. It describes a system called Project A'Tuin that can automatically install software, detect insecure behaviors, and identify shared libraries used. The system found over 4000 shared libraries in sample applications, including outdated versions of OpenSSL affected by known vulnerabilities. Future work includes expanding behavior detection across platforms and open sourcing the system.

Riscure Assurance for Premium Content at a glanceRiscure

Software Attacks on Hardware WalletsRiscure

Efficient Reverse Engineering of Automotive FirmwareRiscure

The firmware executed by components found in a car provide a starting point for adversaries to obtain confidential information and discover potential vulnerabilities. However, the process of reverse engineering a specific component is typically considered a complex and time-consuming task. In this paper we discuss several techniques which we used to significantly increase the efficiency of reverse engineering the firmware of an instrument cluster.

CNIT 128: 3. Attacking iOS Applications (Part 2)Sam Bowne

The document discusses attacking iOS applications by exploiting their runtime environment and interprocess communication capabilities. It covers method swizzling to instrument the Objective-C runtime, using Cydia Substrate to inject code into apps, and attacking entry points like UIWebViews, file handling routines, and application extensions to achieve code injection. The goal is to demonstrate how the iOS runtime can be leveraged to bypass protections and potentially pivot to internal networks in some cases.

Csw2016 freingruber bypassing_application_whitelistingCanSecWest

This document discusses bypassing application whitelisting, specifically McAfee Application Control. It presents several methods for bypassing the whitelisting protection, including abusing whitelisted applications like PowerShell to execute arbitrary code. PowerShell scripts from tools like PowerSploit are suggested, which allow executing shellcode and other malicious payloads even when script execution is disabled. The document aims to demonstrate how application whitelisting can be bypassed on Windows systems through leveraging pre-installed applications and applications installed by the whitelisting software itself.

Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0Security Bootcamp

This document discusses Docker security in a DevOps environment. It begins with an introduction to DevOps and Docker containers. It then outlines several Docker security practices, including hardening the Docker host, using TLS with Docker, content trust for images, network segmentation, image vulnerability scanning, and security assessment tools. The document provides an overview of how Docker and containers are used in DevOps and some key strategies for securing Docker deployments.

The Dark Side of PowerShell by George DobreaEC-Council

PowerShell is now a ‘mandatory-to-use’ tool for IT professionals in order to automate administration of the Windows OS and applications, including Azure and Nano Server. Unfortunately, threat actors have recently taken advantage of this powerful scripting language just because PowerShell it’s already installed on your Windows machines, trusted by Admins and most AntiVirus tools! The session presents the steps that should get you starting on (Ethical) Hacking and Pen Testing with PowerShell and some new techniques like JEA (Just Enough Administration) that a defender can use in order to limit the effectiveness of PowerShell attacks.

CNIT 128 9. Writing Secure Android ApplicationsSam Bowne

Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)

This document discusses various aspects of cloud, API, and hardware penetration testing: - It outlines the different types of cloud services: Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). - It provides an overview of tools used for cloud and API penetration testing such as SOASTA CloudTest, LoadStorm, BlazeMeter, Nexpose, and AppThwack. - It discusses firmware analysis, including extracting firmware from devices, identifying file systems and architectures, and searching for hardcoded credentials or certificates. Tools mentioned include Binwalk, Readelf, and Strings. - It provides an overview of hardware penetration

Positive Hack Days 7 - Ransomware forensiсsMona Arkhipova

Introduction to iOS Penetration TestingOWASP

The document provides an introduction to iOS penetration testing. It discusses the speaker's background in mobile and web penetration testing with a focus on iOS. The agenda outlines that the talk will cover introduction to iOS, Objective-C runtime basics, setting up a testing environment, and fundamentals of application testing with a focus on black-box testing. It will not cover jailbreak development, Swift, white-box testing, or webapp pentesting. The document then delves into various aspects of iOS including the security model, application sandboxing, Objective-C, and the iOS runtime. It also discusses tools and techniques for static analysis, runtime manipulation, bypassing protections, and investigating local storage.

Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016grecsl

In the presentation that threat intel vendors do not want you to see, open source and internal data meets home grown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses and shows examples of using what your already have to bootstrap this capability using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, an indicator database, and more. By analyzing this data organizations can discovery trends across attacks that help them understand their adversaries. An example nosql schema will be release to help attendees create their own implementations.

[OWASP Poland Day] Application security - daily questions & answersOWASP

This document discusses various application security topics such as downloading files securely, handling secrets and temporary tokens, implementing third-party sites securely, privacy risks of third-party monitoring and analytics on sensitive pages, push notifications versus SMS, securely using FFmpeg and ImageMagick, serving user content securely, implementing cryptography securely, and applying rate limits. It provides advice on how to address each topic securely, such as only allowing certain schemes, ports and domains for file downloads, short expiration times for temporary tokens, sandboxing or isolating third-party components, and not implementing one's own crypto.

Lateral Movement - Phreaknik 2016Xavier Ashe

Attackers can quietly move laterally within networks by first gaining initial access, such as through phishing, then using tools and techniques to discover and access other systems on the network. This includes using powershell to run code without touching disks, download payloads from remote systems, and inject shellcode. It also involves using tools like mimikatz to dump credentials and move access from one system to another to gain higher privileges. The goal is often to compromise domain controllers to access domain admin credentials and gain full control.

CNIT 123: Ch 4: Footprinting and Social EngineeringSam Bowne

This document discusses footprinting and social engineering techniques used in ethical hacking. It describes using web tools like Burp Suite and proxies to gather open source intelligence about a target organization from their website and online presence. DNS zone transfers and tools like dig and host are explained to map out a target's network infrastructure. Different social engineering tactics like pretexting, impersonation and tailgating are also outlined. The document provides examples of how hackers use these techniques and recommendations for organizations to prevent such attacks.

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)BlueHat Security Conference

Matt Oh, Microsoft We are seeing new technique used everyday by malware. But, it is very hard to find any impressive techniques used in the wild. Recently there was huge buzz about Detrahere malware which used internally known issues with certificate signing in Windows 10 kernel driver. Even though the certificate check bypass technique itself is very interesting, also I found that the tactics used by the malware is more impressive. Even though the malware is mainly focused on Ad-hijacking functionality through Netfilter driver installation, but it also has rootkit ability through file system driver hooking. This feels like old days coming back with various new arsenals. The rootkit detects kernel debugging settings and will destroy the system when it finds one. The unpacking process can be very challenging job, too as it uses kernel driver image hollowing technique (something similar to process hollowing) to deobfuscate itself and run unpacked code. Our patchguard doesn't seem like triggering on this action, because all the sections are pre-allocated with execute permission already. Through this talk, I want to present various techniques used by this malware focusing on the kernel level obfuscation and anti-analysis tactics. This will give us new insights on how new Windows rootkit malware might look like in the future and how detecting them from security systems and detonation systems can be a challenge.

Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse

This talk briefly discusses strategies and methodologies than can be employed when assessing IoT devices. We look at how to develop credible threat scenarios for different IoT device and systems, perform static and dynamic attack surface mapping, perform static firmware analysis, perform static hardware analysis, undertake a dynamic device security analysis, sources of supporting information, supporting capability requirements and establishment, Execution of dynamic device analysis and approaches around network protocol analysis.

What's in a Jailbreak? - BSides 2019 keynoteMarkDowd13

Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCanSecWest

Chipsec is an open source framework for assessing platform security. It can be used to find vulnerabilities in system firmware like BIOS, UEFI and Mac EFI. Some examples shown include exploiting S3 resume boot script vulnerabilities to gain persistence, attacking hypervisors via SMM pointers, and checking for issues with MMIO BAR registers. The tool can also detect "problems" like unlocked firmware, missing hardware protections, and analyze real-world malware implants targeting firmware like DerStarke and HackingTeam UEFI rootkits.

Ch 9: Embedded Operating Systems: The Hidden ThreatSam Bowne

Kunal - Introduction to backtrack - ClubHack2008ClubHack

BackTrack is a Linux distribution focused on penetration testing with over 300 security tools. It allows testing of vulnerabilities like buffer overflows and cross-site scripting through tools like Nmap, Nikto, and Metasploit. Common attack techniques explored include man-in-the-middle attacks using ARP poisoning, password cracking through tools like John the Ripper, and hacking web servers through techniques like Google hacking.

Computer Courses Syllabus In Delhi By Jeetech Academy.pptxdelhijeetechacademyt1

How-To Find Malicious Backdoors and Business Logic Vulnerabilities in Your CodeDevOps.com

While graph databases are primarily known as the backbone of the modern social networks, we have found a much more interesting application for them: program analysis. This talk aims to demonstrate that graph databases and the typical program representations developed in compiler construction are a match made in heaven, allowing large code bases to be mined for vulnerabilities using complex bug descriptions encoded in simple, and not so simple graph database queries. This talk will bring together two well-known but previously unrelated topics: static program analysis and graph databases. After briefly covering the "emerging graph landscape" and why it may be interesting for hackers, a graph representation of programs exposing syntax, control-flow, data-dependencies and type information is presented, designed specifically with bug/backdoors/business logic flaws hunting in mind. Capabilities of the system will then be demonstrated live with Joern, an open source code exploration tool, as we craft queries for RCE exploits, insider attacks, data leak detection.

More Related Content

What's hot (20)

Software Attacks on Hardware WalletsRiscure

Efficient Reverse Engineering of Automotive FirmwareRiscure

CNIT 128: 3. Attacking iOS Applications (Part 2)Sam Bowne

Csw2016 freingruber bypassing_application_whitelistingCanSecWest

Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0Security Bootcamp

The Dark Side of PowerShell by George DobreaEC-Council

CNIT 128 9. Writing Secure Android ApplicationsSam Bowne

Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)

Positive Hack Days 7 - Ransomware forensiсsMona Arkhipova

Introduction to iOS Penetration TestingOWASP

Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016grecsl

[OWASP Poland Day] Application security - daily questions & answersOWASP

Lateral Movement - Phreaknik 2016Xavier Ashe

CNIT 123: Ch 4: Footprinting and Social EngineeringSam Bowne

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)BlueHat Security Conference

Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse

What's in a Jailbreak? - BSides 2019 keynoteMarkDowd13

Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCanSecWest

Ch 9: Embedded Operating Systems: The Hidden ThreatSam Bowne

Kunal - Introduction to backtrack - ClubHack2008ClubHack

Software Attacks on Hardware WalletsRiscure

Efficient Reverse Engineering of Automotive FirmwareRiscure

CNIT 128: 3. Attacking iOS Applications (Part 2)Sam Bowne

Csw2016 freingruber bypassing_application_whitelistingCanSecWest

Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0Security Bootcamp

The Dark Side of PowerShell by George DobreaEC-Council

CNIT 128 9. Writing Secure Android ApplicationsSam Bowne

Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)

Positive Hack Days 7 - Ransomware forensiсsMona Arkhipova

Introduction to iOS Penetration TestingOWASP

Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016grecsl

[OWASP Poland Day] Application security - daily questions & answersOWASP

Lateral Movement - Phreaknik 2016Xavier Ashe

CNIT 123: Ch 4: Footprinting and Social EngineeringSam Bowne

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)BlueHat Security Conference

Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse

What's in a Jailbreak? - BSides 2019 keynoteMarkDowd13

Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCanSecWest

Ch 9: Embedded Operating Systems: The Hidden ThreatSam Bowne

Kunal - Introduction to backtrack - ClubHack2008ClubHack

Similar to Silabus Training Reverse Engineering (20)

Computer Courses Syllabus In Delhi By Jeetech Academy.pptxdelhijeetechacademyt1

How-To Find Malicious Backdoors and Business Logic Vulnerabilities in Your CodeDevOps.com

Software Analytics: Data Analytics for Software Engineering and SecurityTao Xie

Frodo Baggins presents on software analytics for software engineering and security tasks. The presentation discusses how software and how it is built and used is changing, with data now being ubiquitous and software having continuous development and release. Software analytics aims to enable software practitioners to perform data exploration and analysis to obtain useful insights. Examples of software analytics techniques discussed include XIAO for scalable code clone analysis, and SAS for incident management of online services. The presentation then shifts to discussing software analytics techniques for mobile app security, including WHYPER for natural language processing on app descriptions to link permissions to functionality, and AppContext for machine learning to classify malware.

T3_Embedded programing_07072022T3_Embedded programing_07072022.pptxHuyTrn352093

Code Review | 2010Klocwork

- Klocwork provides developer and team productivity tools built on their industry-leading source code analysis capabilities. They were the first to market with both quality and security vulnerability analysis. - Klocwork has over 650 customers worldwide across industries like networking, finance, medical devices, aerospace and defense, and more. A Nokia Siemens Networks executive cited the benefits of using Klocwork for market leadership and reduced costs. - Klocwork Insight Pro offers static analysis, peer code review, and refactoring capabilities to find issues like defects, vulnerabilities, and maintainability problems in C, C++, Java, and C#.

Artificial Intelligence for Unmanned VehiclesObject Automation

Object Automation recently conducted a workshop on the application of Artificial Intelligence in Unmanned Vehicles (UAV) where around 500 students from various college across the state participated.The workshop also covered a Drone Demo with some special features for the Agriculture Industry. We do have a 40 hours curriculum for AI in UAV where students and developers will learn about applications of Python, Machine Learning, Deep Learning and integrating AI with UAV to build drones for Agriculture and Surveillance.

Introduction to c++NR Computer Learning Center

Reverse Engineering.pptxSameer Sapra

Reverse engineering is the process of extracting knowledge or design information from something to understand its workings or recreate it. It often involves disassembling hardware or software and analyzing components. Common tools used are disassemblers to convert binary to assembly code, debuggers to view program state, hex editors to view and edit binary, and decompilers to recreate source code from machine code. The document also discusses security risks of reverse engineering like information disclosure, spoofing, and code modification, as well as some famous legal cases involving reverse engineering.

AI_in_Aero_UAV.pdfObject Automation

This course teaches artificial intelligence and machine learning concepts for applications in unmanned aerial vehicles (UAVs), covering topics like Python, data analysis, machine learning algorithms, deep learning models, and cloud computing, with hands-on projects analyzing real-world data to solve problems like image and crop classification. Students will gain skills needed for AI careers and receive an IBM certification upon completion, while also getting access to IBM servers and Nvidia GPUs through Object Automation's hardware infrastructure.

DeepakItkar_Resume_ITAMDeepak Itkar

- Deepak Itkar has over 10 years of experience in Microsoft technologies and database/system administration. He is currently working as an Assistant Manager at Lester Infoservices Pvt. Ltd. handling a team of senior software developers. - He has experience developing desktop and web applications using technologies like .NET, C#, ASP.NET, and databases like SQL Server and MySQL. He is specialized in areas like team leadership, communication, problem solving, and quick learning. - Some of the projects he has worked on include At-Home Agent system using VPN and remote tools, ACD integration software, Payment Gateway integration, and implementing the monitoring tool Nagios.

Ankit Vakil (1)Ankit Vakil

This document contains a summary profile for Ankit Vakil. It outlines his contact information, employment history, skills, education, and major projects. He has over 5 years of experience in software development using languages like C, C++, and UNIX. His areas of focus include connectivity, cloud, storage, and encryption. He is currently a Senior Software Engineer at Samsung Research Institute working on projects involving connectivity, cloud video streaming, and IOT.

Intake_35_Professional_Developer_Track_SDRaNa HaSan

This document describes the Professional Developer track of the System Development & Gaming Center of Excellence. The track aims to graduate software engineers capable of using various technologies. It provides a wide range of courses in areas like desktop/web development, business intelligence, cloud computing and soft skills. Graduates will be prepared for jobs in software development, communication technology and business intelligence fields. The center's staff have technical and teaching experience to support the program.

Intake_35_Professional_Developer_Track_SDRaNa HaSan

This document describes the Professional Developer track within the System Development & Gaming Center of Excellence. The track aims to graduate software engineers capable of using various technologies. It provides a comprehensive list of courses covering foundations, desktop/web development, business intelligence/big data, cloud computing, and soft skills. Graduates will be prepared for jobs in software development, communication technology, and business intelligence fields.

Intake_35_Professional_Developer_Track_SDMohamed Bayomi

This document describes the Professional Developer track of the System Development & Gaming Center of Excellence. The track aims to graduate software engineers capable of using various technologies. It provides a comprehensive list of courses covering foundations, desktop/web development, business intelligence, cloud computing and soft skills. Graduates will be prepared for jobs in software development, communication technology and business intelligence fields.

Thick Application Penetration Testing - A Crash CourseNetSPI

This document provides an overview of penetration testing thick applications. It discusses why thick apps present unique risks compared to web apps, common thick app architectures, and how to access and test various components of thick apps including the GUI, files, registry, network traffic, memory, and configurations. A variety of tools are listed that can be used for tasks like decompiling, injecting code, and exploiting excessive privileges. The document concludes with recommendations such as never storing sensitive data in assemblies and being careful when deploying thick apps via terminal services.

Presentation on Carriers after Graduation.pptxpankajpathade2

Career PortfolioJoshua Tovar

- Joshua Tovar presents his career portfolio containing descriptions of courses taken at DeVry University focused on systems concepts, programming, web development, and systems analysis. - The portfolio includes screenshots of programs and websites developed by Joshua using languages like C#, ASP.NET, and frameworks like .NET along with IDEs such as Visual Studio and Dreamweaver. - Examples shown include a racer inheritance hierarchy program, password validation program, mock website for a staffing agency, checkout forms, email form, web service to search an Access database, and a web app modifying database records.

Talent42 2014 Sam Wholley - Talent42

The document provides an overview of key software engineering concepts for recruiters, including software architecture, agile development, n-tier architecture, programming paradigms like object-oriented programming and functional programming, cloud computing, and popular technologies. It discusses architectural approaches like building for extensibility, agile development principles, front-end and back-end development, and database concepts. The document aims to help recruiters understand technical candidates' backgrounds and evaluate skills.

Soc analyst course content v3ShivamSharma909

The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats. https://www.infosectrain.com/courses/soc-analyst-expert-training/

Soc analyst course contentShivamSharma909

Computer Courses Syllabus In Delhi By Jeetech Academy.pptxdelhijeetechacademyt1

How-To Find Malicious Backdoors and Business Logic Vulnerabilities in Your CodeDevOps.com

Software Analytics: Data Analytics for Software Engineering and SecurityTao Xie

T3_Embedded programing_07072022T3_Embedded programing_07072022.pptxHuyTrn352093

Code Review | 2010Klocwork

Artificial Intelligence for Unmanned VehiclesObject Automation

Introduction to c++NR Computer Learning Center

Reverse Engineering.pptxSameer Sapra

AI_in_Aero_UAV.pdfObject Automation

DeepakItkar_Resume_ITAMDeepak Itkar

Ankit Vakil (1)Ankit Vakil

Intake_35_Professional_Developer_Track_SDRaNa HaSan

Intake_35_Professional_Developer_Track_SDMohamed Bayomi

Thick Application Penetration Testing - A Crash CourseNetSPI

Presentation on Carriers after Graduation.pptxpankajpathade2

Career PortfolioJoshua Tovar

Talent42 2014 Sam Wholley - Talent42

Soc analyst course content v3ShivamSharma909

Soc analyst course contentShivamSharma909

More from Satria Ady Pradana (20)

Down The Rabbit Hole, From Networker to Security ProfessionalSatria Ady Pradana

MITM: Tales of Trust and BetrayalSatria Ady Pradana

Berkarir di Cyber SecuritySatria Ady Pradana

This document discusses cyber security careers in Indonesia. It provides an overview of common cyber security jobs including penetration tester, security engineer, SOC engineer, and forensic investigator. It also outlines the skills needed to work in cyber security, challenges in the field in Indonesia like a lack of professionals, and ways to prepare like building skills through virtual labs, capture the flag challenges, and communities. Daily activities of a penetration tester are also summarized as finding vulnerabilities, creating proof of concepts, writing reports, and presenting results.

IOT Security FUN-damentalSatria Ady Pradana

Python-Assisted Red-Teaming OperationSatria Ady Pradana

IoT Security - Preparing for the WorstSatria Ady Pradana

This document discusses security issues related to the Internet of Things (IoT). It begins with an introduction to IoT, noting the exponential growth in connected devices. It then outlines common threats to IoT systems, including attacks aimed at devices, networks, and cloud infrastructure. Specific examples like the Mirai botnet and attacks on Ukrainian power grids are examined. The presentation concludes with recommendations for improving IoT security, such as understanding system architectures, implementing policies, and regularly monitoring networks.

Practical Security - Modern Day SoftwareSatria Ady Pradana

Modern software applications are complex and connected systems that process, store, and transmit data. This complexity introduces many potential attack vectors if proper security practices are not followed. Common attacks include injection attacks by inserting malicious code into inputs, insecure direct object reference issues that allow unauthorized access to restricted resources, and exposing sensitive information if debugging artifacts or unobfuscated binaries are deployed. To mitigate these risks, developers must filter all inputs, carefully check authorization for resources, and ensure no secrets or development files are included in production deployments.

Firmware Reverse EngineeringSatria Ady Pradana

Reverse Engineering: The Crash CourseSatria Ady Pradana

The Offensive Python: Practical Python for Penetration TestingSatria Ady Pradana

From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana

This document discusses techniques for analyzing and exploiting Android applications. It begins by explaining why security is important given people's growing dependency on digital technology and mobile devices. It then discusses decompiling APK files and using tools like Apktool, Dex2Jar, and decompilers to view an app's code. The document also covers using proxies like Burp Suite and Frida to intercept network traffic and manipulate app behavior at runtime. The goal is usually to obtain sensitive data, bypass restrictions, or modify the app. Examples of scenarios explored include tampering with network requests, bypassing security checks, and decrypting encrypted data.

Android Security: Art of ExploitationSatria Ady Pradana

Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana

Malware comes in many forms and poses increasing threats. The document discusses the basics of how malware works, including propagation techniques to spread, payloads to damage systems, and self-defense mechanisms. It also covers common malware classes like viruses, worms and Trojans. Examples are given of real malware outbreaks like WannaCry and Petya to show how quickly they can spread. Defense strategies include using antivirus software, keeping systems updated, and maintaining backups.

Reverse Engineering: Protecting and Breaking the Software (Workshop)Satria Ady Pradana

Reverse Engineering: Protecting and Breaking the SoftwareSatria Ady Pradana

Memory Forensic: Investigating Memory Artefact (Workshop)Satria Ady Pradana

Memory Forensic: Investigating Memory ArtefactSatria Ady Pradana

Another Side of HackingSatria Ady Pradana

Automatic Malware Analysis & RepositorySatria Ady Pradana

Web Security JumpstartSatria Ady Pradana

This document outlines an agenda for a web security workshop. It introduces the presenter, Satria Ady Pradana, and mentions that he will discuss the Dracos Linux penetration testing operating system. The workshop will cover installing and using Dracos Linux in a virtual machine, including configuring the network, installing packages, and using its user interface. Attendees will have the opportunity to try SQL injection, cross-site scripting, and cross-site request forgery attacks on a target website.

Down The Rabbit Hole, From Networker to Security ProfessionalSatria Ady Pradana

MITM: Tales of Trust and BetrayalSatria Ady Pradana

Berkarir di Cyber SecuritySatria Ady Pradana

IOT Security FUN-damentalSatria Ady Pradana

Python-Assisted Red-Teaming OperationSatria Ady Pradana

IoT Security - Preparing for the WorstSatria Ady Pradana

Practical Security - Modern Day SoftwareSatria Ady Pradana

Firmware Reverse EngineeringSatria Ady Pradana

Reverse Engineering: The Crash CourseSatria Ady Pradana

The Offensive Python: Practical Python for Penetration TestingSatria Ady Pradana

From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana

Android Security: Art of ExploitationSatria Ady Pradana

Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana

Reverse Engineering: Protecting and Breaking the Software (Workshop)Satria Ady Pradana

Reverse Engineering: Protecting and Breaking the SoftwareSatria Ady Pradana

Memory Forensic: Investigating Memory Artefact (Workshop)Satria Ady Pradana

Memory Forensic: Investigating Memory ArtefactSatria Ady Pradana

Another Side of HackingSatria Ady Pradana

Automatic Malware Analysis & RepositorySatria Ady Pradana

Web Security JumpstartSatria Ady Pradana

Recently uploaded (20)

AI-assisted Software Testing (3-hours tutorial)Vəhid Gəruslu

Compiler Design Unit1 PPT Phases of Compiler.pptxRushaliDeshmukh2

IntroSlides-April-BuildWithAI-VertexAI.pdfLuiz Carneiro

Introduction to FLUID MECHANICS & KINEMATICSnarayanaswamygdas

Fluid mechanics is the branch of physics concerned with the mechanics of fluids (liquids, gases, and plasmas) and the forces on them. Originally applied to water (hydromechanics), it found applications in a wide range of disciplines, including mechanical, aerospace, civil, chemical, and biomedical engineering, as well as geophysics, oceanography, meteorology, astrophysics, and biology. It can be divided into fluid statics, the study of various fluids at rest, and fluid dynamics. Fluid statics, also known as hydrostatics, is the study of fluids at rest, specifically when there's no relative motion between fluid particles. It focuses on the conditions under which fluids are in stable equilibrium and doesn't involve fluid motion. Fluid kinematics is the branch of fluid mechanics that focuses on describing and analyzing the motion of fluids, such as liquids and gases, without considering the forces that cause the motion. It deals with the geometrical and temporal aspects of fluid flow, including velocity and acceleration. Fluid dynamics, on the other hand, considers the forces acting on the fluid. Fluid dynamics is the study of the effect of forces on fluid motion. It is a branch of continuum mechanics, a subject which models matter without using the information that it is made out of atoms; that is, it models matter from a macroscopic viewpoint rather than from microscopic. Fluid mechanics, especially fluid dynamics, is an active field of research, typically mathematically complex. Many problems are partly or wholly unsolved and are best addressed by numerical methods, typically using computers. A modern discipline, called computational fluid dynamics (CFD), is devoted to this approach. Particle image velocimetry, an experimental method for visualizing and analyzing fluid flow, also takes advantage of the highly visual nature of fluid flow. Fundamentally, every fluid mechanical system is assumed to obey the basic laws : Conservation of mass Conservation of energy Conservation of momentum The continuum assumption For example, the assumption that mass is conserved means that for any fixed control volume (for example, a spherical volume)—enclosed by a control surface—the rate of change of the mass contained in that volume is equal to the rate at which mass is passing through the surface from outside to inside, minus the rate at which mass is passing from inside to outside. This can be expressed as an equation in integral form over the control volume. The continuum assumption is an idealization of continuum mechanics under which fluids can be treated as continuous, even though, on a microscopic scale, they are composed of molecules. Under the continuum assumption, macroscopic (observed/measurable) properties such as density, pressure, temperature, and bulk velocity are taken to be well-defined at "infinitesimal" volume elements—small in comparison to the characteristic length scale of the system, but large in comparison to molecular length scale

railway wheels, descaling after reheating and before forgingJavad Kadkhodapour

DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...charlesdick1345

ELectronics Boards & Product Testing_Shiju.pdfShiju Jacob

Oil-gas_Unconventional oil and gass_reseviours.pdfM7md3li2

fluke dealers in bangalore..............Haresh Vaswani

The Fluke 925 is a vane anemometer, a handheld device designed to measure wind speed, air flow (volume), and temperature. It features a separate sensor and display unit, allowing greater flexibility and ease of use in tight or hard-to-reach spaces. The Fluke 925 is particularly suitable for HVAC (heating, ventilation, and air conditioning) maintenance in both residential and commercial buildings, offering a durable and cost-effective solution for routine airflow diagnostics.

Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxRishavKumar530754

Machine learning project on employee attrition detection using (2).pptxrajeswari89780

Process Parameter Optimization for Minimizing Springback in Cold Drawing Proc...Journal of Soft Computing in Civil Engineering

In tube drawing process, a tube is pulled out through a die and a plug to reduce its diameter and thickness as per the requirement. Dimensional accuracy of cold drawn tubes plays a vital role in the further quality of end products and controlling rejection in manufacturing processes of these end products. Springback phenomenon is the elastic strain recovery after removal of forming loads, causes geometrical inaccuracies in drawn tubes. Further, this leads to difficulty in achieving close dimensional tolerances. In the present work springback of EN 8 D tube material is studied for various cold drawing parameters. The process parameters in this work include die semi-angle, land width and drawing speed. The experimentation is done using Taguchi’s L36 orthogonal array, and then optimization is done in data analysis software Minitab 17. The results of ANOVA shows that 15 degrees die semi-angle,5 mm land width and 6 m/min drawing speed yields least springback. Furthermore, optimization algorithms named Particle Swarm Optimization (PSO), Simulated Annealing (SA) and Genetic Algorithm (GA) are applied which shows that 15 degrees die semi-angle, 10 mm land width and 8 m/min drawing speed results in minimal springback with almost 10.5 % improvement. Finally, the results of experimentation are validated with Finite Element Analysis technique using ANSYS.

"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...Infopitaara

A feed water heater is a device used in power plants to preheat water before it enters the boiler. It plays a critical role in improving the overall efficiency of the power generation process, especially in thermal power plants. 🔧 Function of a Feed Water Heater: It uses steam extracted from the turbine to preheat the feed water. This reduces the fuel required to convert water into steam in the boiler. It supports Regenerative Rankine Cycle, increasing plant efficiency. 🔍 Types of Feed Water Heaters: Open Feed Water Heater (Direct Contact) Steam and water come into direct contact. Mixing occurs, and heat is transferred directly. Common in low-pressure stages. Closed Feed Water Heater (Surface Type) Steam and water are separated by tubes. Heat is transferred through tube walls. Common in high-pressure systems. ⚙️ Advantages: Improves thermal efficiency. Reduces fuel consumption. Lowers thermal stress on boiler components. Minimizes corrosion by removing dissolved gases.

theory-slides-for react for beginners.pptxsanchezvanessa7896

introduction to machine learining for beginersJoydebSheet

International Journal of Distributed and Parallel systems (IJDPS)samueljackson3773

The growth of Internet and other web technologies requires the development of new algorithms and architectures for parallel and distributed computing. International journal of Distributed and parallel systems is a bimonthly open access peer-reviewed journal aims to publish high quality scientific papers arising from original research and development from the international community in the areas of parallel and distributed systems. IJDPS serves as a platform for engineers and researchers to present new ideas and system technology, with an interactive and friendly, but strongly professional atmosphere.

Data Structures_Introduction to algorithms.pptxRushaliDeshmukh2

Concept of Problem Solving, Introduction to Algorithms, Characteristics of Algorithms, Introduction to Data Structure, Data Structure Classification (Linear and Non-linear, Static and Dynamic, Persistent and Ephemeral data structures), Time complexity and Space complexity, Asymptotic Notation - The Big-O, Omega and Theta notation, Algorithmic upper bounds, lower bounds, Best, Worst and Average case analysis of an Algorithm, Abstract Data Types (ADT)

Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...Journal of Soft Computing in Civil Engineering

Analysis of reinforced concrete deep beam is based on simplified approximate method due to the complexity of the exact analysis. The complexity is due to a number of parameters affecting its response. To evaluate some of this parameters, finite element study of the structural behavior of the reinforced self-compacting concrete deep beam was carried out using Abaqus finite element modeling tool. The model was validated against experimental data from the literature. The parametric effects of varied concrete compressive strength, vertical web reinforcement ratio and horizontal web reinforcement ratio on the beam were tested on eight (8) different specimens under four points loads. The results of the validation work showed good agreement with the experimental studies. The parametric study revealed that the concrete compressive strength most significantly influenced the specimens’ response with the average of 41.1% and 49 % increment in the diagonal cracking and ultimate load respectively due to doubling of concrete compressive strength. Although the increase in horizontal web reinforcement ratio from 0.31 % to 0.63 % lead to average of 6.24 % increment on the diagonal cracking load, it does not influence the ultimate strength and the load-deflection response of the beams. Similar variation in vertical web reinforcement ratio leads to an average of 2.4 % and 15 % increment in cracking and ultimate load respectively with no appreciable effect on the load-deflection response.

five-year-soluhhhhhhhhhhhhhhhhhtions.pdfAdityaSharma944496

Value Stream Mapping Worskshops for Intelligent Continuous SecurityMarc Hornbeek

AI-assisted Software Testing (3-hours tutorial)Vəhid Gəruslu

Compiler Design Unit1 PPT Phases of Compiler.pptxRushaliDeshmukh2

IntroSlides-April-BuildWithAI-VertexAI.pdfLuiz Carneiro

Introduction to FLUID MECHANICS & KINEMATICSnarayanaswamygdas

railway wheels, descaling after reheating and before forgingJavad Kadkhodapour

DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...charlesdick1345

ELectronics Boards & Product Testing_Shiju.pdfShiju Jacob

Oil-gas_Unconventional oil and gass_reseviours.pdfM7md3li2

fluke dealers in bangalore..............Haresh Vaswani

Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxRishavKumar530754

Machine learning project on employee attrition detection using (2).pptxrajeswari89780

Process Parameter Optimization for Minimizing Springback in Cold Drawing Proc...Journal of Soft Computing in Civil Engineering

"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...Infopitaara

theory-slides-for react for beginners.pptxsanchezvanessa7896

introduction to machine learining for beginersJoydebSheet

International Journal of Distributed and Parallel systems (IJDPS)samueljackson3773

Data Structures_Introduction to algorithms.pptxRushaliDeshmukh2

Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...Journal of Soft Computing in Civil Engineering

five-year-soluhhhhhhhhhhhhhhhhhtions.pdfAdityaSharma944496

Value Stream Mapping Worskshops for Intelligent Continuous SecurityMarc Hornbeek

Silabus Training Reverse Engineering

1. Syllabus Training Reverse Engineering Overview Reverse engineering and Malware Analysis is an important skill for today’s expert security professional. Everything from reverse engineering and dissecting malware from discovering vulnerabilities in binaries to analyzing malware, is required in order to properly secure an organization from today’s ever evolving threats. This 5-Days Course will teach you from the beginning of reverse engineering, perform binary analysis in windows binary and linux executables files. You will learn how to recognize the high level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, this course will dig deeper into malware analysis process. The course will teach you to perform static and dynamic malware analysis. Who should attend? • Reverse Engineer • Malware Analyst • IT Security Engineer • Digital Forensic and Incident Responder Team • IT Security Professional What will I learn? • Understand the key concepts of reverse engineering • Performing Reverse Engineering in Windows Executables, Linux Executables • Setup Safe Environment Lab for Reverse Engineering Analysis • Perform Static and Dynamic Analysis • Dump & Reconstruct Packed Application • Trace and Modify Application Digitally signed by Satria Ady Pradana DN: C=ID, OU=Training, O=Reversing.ID, CN=Satria Ady Pradana, [email protected] Reason: Signed Location: Date: 2019-05-22 16:51: 19 Satria Ady Pradana

2. Module I – Introductions • Introduction to Reverse Engineering • Modern Computing Architecture ▪ x86 and ARM ▪ Operating System Module II - Basic Identification • Introduction to Native and Interpreted Code • Structured and Unstructured Data • Executable File Format ▪ Portable Executable (PE) ▪ Executable and Linking Format (ELF) • Format Identification & Analysis ▪ Compiler, Runtime, Characteristics Identification ▪ String Extraction and Analysis ▪ File Format Analysis Module III - Basic Program Flow • Introduction to Programming • Basic C programming ▪ Branching ▪ Loop ▪ Functions • Basic Assembly Programming ▪ Opcodes and Assembly Languages ▪ Arithmetic and Logic Commands ▪ Memory Access & Segmentations • Mapping from C to Assembly. Module IV - Static Analysis (x86) • Introduction to Static Analysis • Disassembly & Decompilation • Graph and Control Flow • Structure Identification • Signature Modification

3. • API Identification Module V – Dynamic Analysis (x86) • Debugging o Introduction to Debugger o Debugging Control (Breakpoint, Steps, Trace) o Control Flow Modification • Dynamic Binary Instrumentation • Code Emulation • Traffic Analysis Module VI – Binary Alteration (x86) • Code Patching • Code Injection • Code Cave • Application Unpacking o Binary Dumping o Import Reconstruction Module VII - Code Protection (x86) • Anti-Disassembly • Anti-Debugging • Code Encryption & Dynamic Load • Code Virtualization

Silabus Training Reverse Engineering

Recommended

More Related Content

What's hot (20)

Similar to Silabus Training Reverse Engineering (20)

More from Satria Ady Pradana (20)

Recently uploaded (20)

Silabus Training Reverse Engineering