Description
This course is a series of hands-on exercises that teach the student how to analyse the functions of an existing binary. The course will go through the analysis of malware and identifying the operations of a binary program.
Students familiar with high-level programming languages will be shown how to decompose the binary outputs of compilers and identify program operations at the assembler and machine code level.
Topics
IA32 CPU architecture
Basics of assembly language
Learning the basics of IA32 instructions
Writing assembly code using the inline assembler of Visual C++ (basic code, using APIs, etc.)
Basics of Windows kernel architecture
Reverse engineering
EXE samples generated by sample C source code
Sample vulnerabilities, existing Windows vulnerabilities
Known malware
Finding new vulnerabilities in a sample app, making shellcode and exploits
Prerequisites:
Basic C Programming Knowledge
A laptop with Windows Vista, XP, or 2000 (as a host or as a guest image)
Instructor: Yuji Ukai