Who is this training for?
The course is aimed at security analysts who want to understand the basics of reverse engineering to discover vulnerabilities in a black-box scenario. Reverse engineering is a skill useful for application developers, who want to understand what vulnerabilities are introduced during compilation.
Pre-requisites for following this training:
- The ability to understand source code in C/C++
- Basic understanding of assembly languages, preferably the ARM v7 architecture
- Basic understanding of computing systems, memory organization
- Ability to understand Python is desirable: it will be used to illustrate how to script IDA and how to emulate code using the Unicorn Engine
Have you always wondered how to take a piece of software apart and understand its inner workings? Have you wondered how to extract useful information from a binary file?
The Reverse Engineering training for software applications aims to do just that. During this training you understand the functionality of compiled code by combining static and dynamic analysis techniques. During the training we focus on the ARM platform. We use exercises throughout the course to teach the skill of reversing.
This training will equip you with the necessary knowledge to perform reverse engineering of ARM binary code to understand its functionality. You will have experience with state-of-the-art tooling to perform such analysis, and understand how high-level
code translates into binary. Riscure will provide laptops with the required software, including Riscure’s licenses for IDA Starter.
Reverse Engineer ARM binary code by using static and dynamic analysis techniques.
- Identify high level language constructs in binary code (e.g. structures, loops, functions, classes, etc.)
- Identify common data structures in binary code (e.g. arrays, linked-lists, trees, etc.)
- Identify typical vulnerability patterns in binary code
Introduction to Software Exploitation
Don't hunt for vulnerabilities! Deploy mitigation techniques that make your embedded software more robust even when a coding mistake happens.
Essential Fault Injection
Closely connected with SCA know-how, the Fault Injection experience this training empowers your team with the complete knowledge of hardware security techniques.