Introduction to Reverse Engineering
Rapidly identify areas of vulnerability in software then target those areas with surgical precision? How can you exercise specific code paths with assurance while monitoring precisely your applications behavior? How can you log bug after bug while your teammates watch with envy? The answer lies in one of the most powerful techniques you can apply to software. A technology so lethal to executing software, that it is almost not fair.
This class is designed to give software testers, developers an entirely new and complimentary skill set that will immediately set you apart from your peers. The course content is a top level version of Security Innovation's reverse engineering training that has been successfully delivered to some of the best and most elite Red Teams' in the country. This is strong Kung Fu and once the student has been exposed to the potential of the technique they will never look at software quite the same again. As an introduction, the course lays the foundation for acquiring the skills that when collectively applied are known as reverse engineering. The course covers the complimentary techniques of static and dynamic analysis and how together they can be used to identify vulnerable hot spots' in your application. You will be exposed to the tools of the trade; hex editors, disassemblers, resource editors, debuggers and more. You will lean from the pros what it takes to break even the most secure applications.
Lets face it, when deployed your software executes in an unknown hostile environment. The adversary trying to break your software uses these skills. Attend this course and deny them the advantage while truly advancing your ability to understand software and how to test more effectively. .
|Time:||7:45am - 5pm|
|Location:||Click here to view the class schedule|
|Prerequisites:||Understanding of TCP/IP protocols|
Method of Delivery - Residential On Ground
Method of Evaluation: 1. 95 % attendance 2. 100 % completion of Lab
Grading: Pass = 95% Attendance and 100% Completion of Labs and Practical
Fail => 95% Attendance and > 100% Completion of Labs and Practical
Learning Level: Programmer - Intermediate
Shatter the myth that binary code represents unintelligible and unchangeable hexadecimal values. You learn the basics of assembly language on the Intel architecture. The knowledge gained in this first segment on assembly will be one of the key building blocks to understanding the output of common reverse engineering tools and learning to write exploit code for buffer overruns. The class will then proceed to teach you how to use IDA Pro, the most powerful and widely used disassembler on the market. During this course you will be exposed to several such tools including SoftIce (the most common debugger used by the hacking community) and Holodeck (our powerful fault injection tool).
Next, we give you insight into the most common security flaw that plagues modern software the buffer overflow. We will dissect this type of vulnerability in depth and walk you through the anatomy of a buffer overflow. After this introduction, we then proceed through hands-on exercises to help you uncover potential buffer overflows in applications using tools such as IDA Pro and Olly Debugger. Next, we proceed to teach you how to determine if a buffer overflow is exploitable and the theory behind exploits.
Who Should Attend?
This is an essential course for software testers, software developers, development and test managers, and anyone involved in software production.
What Is CWE? Want more info on CWE?
Targeted to developers and security practitioners, CWE is a formal list of software weaknesses, idiosyncrasies, faults, and flaws created to:
Serve as a common language for describing the source code, software design, or software architecture causes of software security vulnerabilities.
Serve as a standard measuring stick for software security tools targeting these issues.
Provide a common baseline standard for identification, mitigation, and prevention of these weaknesses.
I. Introduction to Reverse Engineering
- State of the art
II. Assembly for Reverse Engineers
- Instruction set review
- Stack mechanics
- High-level language mapping
III. The Reverse Engineers Toolset
- Virtual Machines
IV. Vulnerability analysis and exploitation using reverse engineering techniques
- Intro to IDAPro
- Using IDA
- DA scripts
V. Finding Vulnerabilities through Binary Scanning
- Problem scope
- Vulnerable functions
- High level language
- Binary signatures
- Hands on: Scripting IDA to recognize vulnerabilities in binary code
VI. Bug Advocacy: Exploiting Vulnerabilities
- Locating code flaws with hostile testing
- Engineering op code exploits
- Hands on: Intro Shell code lab
- Hands on: Advanced shell code lab
VII. Wrap up
- Advanced technologies
- Course summary and closing
*Class fees are subject to change