Reverse Engineering

From March 11, 2013 to March 12, 2013

Participants will be introduced to the reverse engineering of closed-source software on Windows and embedded platforms following a structured approach. All necessary tools and methods will be introduced. Their correct and efﬁcient usage will be taught, including practical examples and exercises. The goal of this workshop is to enable participants to successfully conduct reverse engineering projects in a efﬁcient and structured way. Success factors and alternate approaches will also be discussed.

Agenda

Reverse engineering basics
Introduction to the basic tools
Windows binary (Portable Executables) format
Disassembling basics & common problems
Decompiling basics
Rating of the reliability of results
Debugging & API monitoring introduction
Advantages of API monitoring
Adjusting debuggers for certain RE projects
Runtime vs. static analysis
Code coverage basics
Structured approach for reverse engineering
Advantages & disadvantages
Limitations & potential solutions
Important add-ons
Dissassembler and decompiler SDKs
Special requirements & considerations for embedded systems
A variety of reversing exercises, including embedded targets
Recommended readings

Requirements:

Bring your own laptop.

Daniel Mende

Daniel Mende is a German security researcher with ERNW GmbH and specializes in network protocols and technologies. He is well known for his Layer2 extensions of the SPIKE and Sulley fuzzing frameworks. He has also discussed new ways of building botnets and presented on protocol security at many occasions including Troopers, ShmooCon and Black Hat. He has written several tools for assessment of telecommunication networks like Pytacle, GTP-Scan, Dizzy and APNBF.

Graeme Neilson

Graeme Neilson, Chief Research Officer, RedShield Security. https://www.redshield.co