Mosse Cyber Security Applied Reverse Engineering
$3300.00 (inc GST)
This three day course combines a deep understanding of reverse engineering with rapid triage techniques to provide students with a broad capability to analyse malicious artifacts uncovered during incident response.
- The students are responsible for bringing their laptops to the course.
- Internet is provided by the training provider.
- Attendees will have to install a VPN client to connect to the security lab infrastructure.
- Attendees are required to have an RDP client (installed by default on all Windows machines)
- Windows Windows 7 or above
- A copy of IDA Pro version 6.0 or greater
- Administrative privileges on your laptop
- Virtualization Software
- Custom VM labs will be provided
- RDP Client
Please be advised that this is a reseller course which is not held at DDLS. Students are expected to organise their own meals.
This course will equip students with the skills required to keep up with modern malware and rapidly extract the most valuable and pertinent data to their investigations, including Indicators of Compromise (IOCs).
Rapid Reverse Engineering includes considerable lab time utilising replicated enterprise networks and attacks. Students will leave with an understanding of:
- How real world attacks are carried out
- File triage processes and techniques
- Intelligence extraction techniques from malware
- How to deal with binary obfuscation techniques
- How to get indicators from a file in a hurry
Rapid inspection of various file formats
- Metadata extraction from PE, PDF, and Office docs
- Finding buried artifacts in files
- Mobile malware metadata analysis
Assured Dynamic Analysis
- Extracting Host IOCs from file formats with dynamic analysis
- Working with DLLs
- Splatter network IOC extraction and log file analysis
- Memory Analysis
- X86 zero to hero
- ARM zero to hero
Process Tracing for Rapid File Assessments
- Intro to Intel PIN
- Code tracing with Pin
- Shellcode analysis with Pin
- Intro to IDA Scripting
- x86 emulation
- De-obfuscation techniques
- Using IDA for unpacking assistance
- Unpacking in-memory
Android Auto Analysis
- Android Internals
- APK Reversing By Hand
- Automated APK Reversing
- ARM Bindings and Android
Malware Analyst, Security Analyst, Digital Forensics Investigator, Cyber Incident Responder
- Basic understanding of the Windows operating system and utilities; basic understanding of what the assembly programming language is and the benefits of reverse engineering;
- Recommended to have worked in IT in a technical role for at least 1 or 2 years.
The supply of this course by ACTE Pty Ltd (trading as DDLS) is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.
Please call DDLS on 1800 U LEARN (1800 853 276) or register your interest below.
DDLS offers this training through a third party. This arrangement requires DDLS to provide your details to our partner for course registration purposes.