Intro to Malware Reverse Engineering
A technical training course offered by Randy Pargman of Binary Defense
September 27 – 28, 2022
About the Course:
Interested in learning to uncover the secrets of malware to find out how it works, while defeating the tricks that malware authors use to fool analysts? As malware continues to evolve, so too must our threat hunting methods. In our “Intro to Malware Reverse Engineering” course, you will learn practical analysis and report writing techniques to dissect the valuable data out of malware to help inform threat hunting and detection engineering efforts, as well as communicate those findings effectively for incident response.
This course will focus on disassembly analysis of compiled 32-bit DLL files written in C using static analysis techniques with IDA and dynamic analysis in a debugger.
This class is currently sold out.
- Gain skills in reverse-engineering malicious software for Windows operating systems.
- Best practices for creating tactical analysis reports and feedback to aid communication.
- How to leverage free tools like IDA, Visual Studio, and x32dbg for threat hunting.
Who should take the course:
- Aspiring Threat Hunters
- Penetration Testers
- SOC Analysts
- Security Engineers
Recommended Skill Level:
This course is designed for technical security personnel who wish to gain skills in reverse-engineering malicious software for Windows operating systems. Although no prior experience is required to take the class, students who have some programming experience in C or another language will find it easiest to participate fully.
Learners will require a computer capable of running the Microsoft Windows 11 Developer virtual machine in VMware, Hyper-V, VirtualBox or Parallels: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/
The VM should be allocated at least 4 GB of RAM and 2 CPU cores, so the host system should have at least 16 GB of RAM, 4 or more CPU cores, and at least 100 GB of free disk space. We will download IDA Free 7, x64dbg/x32dbg, and other free software.
This course will be delivered over two days, approximately 16 hours total (not including breaks). Participants will have two attendance options available to them, in-person or virtually.
- Live Virtual Attendance
  - The class will be available online via Zoom and will start at 10am US Eastern Time (7am Pacific, 9am Central).
- Live In-Person
  - A limited number of in-person seats are available at the TrustedSec headquarters building in Fairlawn, Ohio.
Course Author & Trainer
Randy Pargman is the Vice President of Threat Hunting and Counterintelligence at Binary Defense. In this role, he leads the teams responsible for advanced analysis of malware, development of technology to detect threat actor activity, threat intelligence research of criminal forums, and monitoring of Darknet, Clearnet and Social Media platforms for threat indicators. Randy previously worked for the FBI, where he served for 15 years, most recently as a Senior Computer Scientist on the Cyber Task Force in Seattle.