Raleigh ISSA Saturday – Reverse Engineering
April 27, 2019 @ 9:00 am - 3:30 pm
Doors open at 8:30 a.m. Please see the prerequisites below. You need to be ready to start coding at 9 a.m. when the class starts.
Food – Raleigh ISSA always feeds you! Breakfast (a.k.a. Bojangles Biscuits and coffee / water) will be provided. Also lunch (TBD) will be provided. If you leave hungry, it is definitely on you!
NOTE – THIS IS AN ADVANCED TOPIC. MAKE SURE THAT YOU HAVE THE BACKGROUND TO ATTEND. YOU MUST COMPLETE THE PREREQUISITES LISTED BELOW BEFORE ARRIVING ON THE DAY OF CLASS. WE WILL NOT SPEND ANY TIME CONFIGURING YOUR TESTING ENVIRONMENT.
If you have questions or issues with the configuration, send an email to firstname.lastname@example.org before the class starts.
Software reverse engineering (RE) is an incredibly powerful skill to have in your arsenal. From CTF competitions to vulnerability discovery, analysis, and exploitation, it’s often necessary to delve into the low-level inner workings of a software sample to get the job done. Understanding how software operates at a low level will also make you a better developer!
Software RE can be intimidating for even experienced software and security professionals, due to the breadth of knowledge that appears to be required just to get started. It’s easy to get lost and discouraged using complex tools without having very specific analysis goals! This workshop aims to outline your foray into RE and focus on the practical and foundational skills needed to learn quickly and be a successful binary spelunker.
We will cover:
· How to learn an assembly language and recognize constructs that represent high-level language statements
· Basic binary reconnaissance
· How to wield a disassembler (we’ll be using Ghidra)
· Where to go from here
NOTE!!!! Basic understanding of the C programming language is a prerequisite. If your C programming is rusty, review the “Introduction and Basic C Features” and “Pointers, Arrays, and Strings” sections here: https://www.cprogramming.com/tutorial/c-tutorial.html
The examples in this workshop will require a 64-bit Intel Linux system (virtual, Windows with WSL, or native) to run. Labs and setup instructions will be found here: http://bit.ly/2IEhLVc Please complete the setup instructions prior to arriving at the workshop. Note that the installer script is for Linux distributions using the apt package manager, so if you use a different distro you will need to adapt appropriately.
Instructor Bio – Ben Demick (@3pidemix) is a senior reverse engineer and security researcher at Booz Allen Hamilton with over 15 years of industry experience. He directs and performs research related to software binary analysis and embedded system vulnerability discovery, while also providing software engineering, development, test, incident response, and reverse engineering support to several government and commercial clients. Ben is also an instructor for the Booz Allen Software Reverse Engineering courses, where he develops course material and delivers training to internal staff and external clients. He has also served as a lab instructor for undergraduate reverse engineering at the University of Maryland, College Park, and led several BSides workshops on reverse engineering. Ben holds a B.S. in Electrical Engineering and Physics from Clarkson University, and an M.S. in Electrical and Computer Engineering from Johns Hopkins University.