SEC-T - 0x0EXPAND

(13)-15-16th of September 2022

Introduction to reverse engineering

This one-day training aims to give the participant an introduction into the field of software
reverse engineering. We will look at various types of programs including both machine code,
Java and Javascript. They will be analyzed using a mix of static and dynamic analysis
including using off-the-shelf tools and writing scripts of our own to help us in our effort. The
goal of the training is to both give a general understanding of the different approaches that
are available to us as a reverse engineer but also hands-on experience with applying some
of these techniques.
After completing the training the student will have a solid foundation to continue their reverse
engineering studies with as well as a basic toolbox to approach real-world problems with
whether it’s analysis of simpler malware or debugging third-party software.

Course Contents
The course will cover the following topics. Topics marked with “*” will be covered as part of
the introduction/background without accompanying exercises. Topics marked with “**” are
advanced topics covered as part of an introduction into how to proceed after the training.
● Introduction
○ Why reverse engineering?*
○ Types of reverse engineering*
● Static analysis
○ Disassembly

○ Decompilation
○ Identifying patterns
● Dynamic analysis
○ Debugging
○ Emulation
○ Tracing
○ Hooking
● Technologies
○ Low-level: x86/ARM
○ Mid-level: Java/.NET
○ High-level: Javascript
● Methodology
○ Automation
○ Signatures**
○ Diffing**