miércoles, 28 de julio de 2010

TRAINING: Modern Malware Reverse Engineering

De la mano de ESET, uno de los líderes mundiales en la lucha contra el software malicioso, tenemos uno de los trainings más innovadores en este campo.


Consulta aquí para mayor información.


TITULO:
Modern Malware Reverse Engineering

TEMARIO:
- Basic unpacking (examples with FSG and ASPack)
- Basis of static analysis
- Control Flow analysis
- Data analysis
- Function and cross references
- IDA tips and tricks
- Basic modern malware analysis
- Typical infection vectors, how to spot them in a binary
- Typical installation mechanism and how to spot them in a binary
- Typical payloads and how to spot them in a binary
- Complete example of bot infection, from malicious javascript to installed malware
- Example of complex malware analysis, starting from semi automated deobfuscation with final binary analysis

FORMATO:
Every section of the training will have a technical introduction and review, and there will be hands-on exercises by the end of it.

AUDIENCIA:
The training is focused in developers, security researchers, exploit writers or reverse engineers looking to learn about the common techniques, tips and Tools for analyzing current complex malware.

REQUISITOS:
- Good knowledge of English
- Beginner knowledge of x86 assembly
- Medium programming background (any language but C or C++ preferred)
- Basic knowledge of debugging and disassembly tools such as IDA and
OllyDBG/ImmDBG
- Basic knowledge of binary unpacking

INFORMACION ADICIONAL:

- A set of tools will be provided (free version of IDA, ImmunityDbg, LordPE)
- A set of binary files for the hands-on part of the training will be provided

TRAINER: Joan Calvet
Joan Calvet is a Ph.D. student at the High Security Lab in LORIA (Nancy, France) and the SecSI Lab at the Ecole Polytechnique of Montreal. He also frequently collaborates with anti malware company ESET. His main interests lie in malware analysis, reverse engineering, and software security. Joan has presented at various international conferences including REcon and Virus Bulletin.

No hay comentarios: