Automating RE With Outside-The-Box Full-System Dynamic Analysis

Abstract

This is an advanced course that teaches the student how to automate reverse engineering tasks using full-system analysis by way of emulation. This course teaches powerful techniques that are at the forefront of security research and is relevant for all domains in software analysis, e.g. malware analysis, reverse engineering, vulnerability discovery, root-cause analysis and much more.

Learning objectives
  • QEMU-internals and full-system analysis with PANDA.
  • Virtual Machine Introspection (VMI).
  • Intermediate representations, QEMU TCG and LLVM IR.
  • Dynamic taint analysis.
  • Designing general and precise solutions using the above techniques.
Who should attend?
  • Security researchers.
  • malware analysts.
  • exploit writers.
  • security engineers.
  • Any others who need to understand the behaviours and artefacts of complex systems at a detailed level.
Prerequisites

This is an advanced course that requires experience with reverse engineering, forensics and C/C++ programming.

Order the course

This course is only available for on-site private trainings. Please contact us by following the contact button below to inquire about availability and any further details on the course.

Key Learning Objectives
  • QEMU-internals and full-system analysis with PANDA.
  • Virtual Machine Introspection (VMI).
  • Intermediate representations, QEMU TCG and LLVM IR.
  • Dynamic taint analysis.
  • Designing general and precise solutions using the above techniques.

Have a question about this course?

Get in touch today with any questions that you might have.