Course curriculum

(Content is in active development)

    1. Important Information

    2. Introductory Theory

      FREE PREVIEW
    3. x86/x64 Basics

    4. Tooling Overview

    5. Brief Look at Ghidra

    6. Windows ABI & API Usage

    7. X86/X64 Reversing Challenge

    8. X86/X64 Reversing Solution

    9. Windows APIs Continued

    10. Quick Look at Ntoskrnl

    11. Binary Reversing Challenge

    12. Binary Reversing Challenge Solution

    13. PE32/PE32+ Format

    14. Loader Target Exe

    15. Writing a Loader in Rust

    16. Writing a Loader in Rust Pt.2

    17. Writing a Loader in Rust Pt.3

    18. C++ Concepts: Classes, VTables & More

    19. C++ Reversing Challenge

    20. C++ Reversing Challenge Solution

    21. Reversing Rust Binaries

    22. Assignment: Reversing Rust Challenge

    1. User-Land Binaries Theory

    2. Analyzing a Service Challenge: Solution

    3. Analyzing a Service: DLL

    4. Kernel Code Theory & Driver Challenge

    5. Driver Challenge 1: Analyzing a Real Driver

    6. Driver Challenge 1: Solution pt.1

    7. Driver Challenge 1: Solution pt.2

    8. Writing a Kernel Driver

    9. Writing a Kernel Driver Challenge Notes

    10. Writing a Kernel Driver: Walkthrough pt.1

    11. Writing a Kernel Driver: Walkthrough pt.2

    12. Writing a Kernel Driver: Walkthrough pt.3

    13. Writing a Kernel Driver: Walkthrough pt.4

    14. Writing a Kernel Driver: Walkthrough pt.5

    15. Kernel Malware Reversing

    16. Kernel Malware Reversing: Walkthrough pt.1

    17. Kernel Malware Reversing: Walkthrough pt.2

    18. Kernel Malware Reversing: Walkthrough pt.3

    19. Vulnerable Kernel Driver Reversing

    20. Vulnerable Kernel Driver Reversing: Walkthrough

    21. Signed Vulnerable Driver Sample

    1. Obfuscation Theory

    2. Obfuscated Malware Sample

    3. Reversing Obfuscated Ransomware from Scratch pt.1 (Initial Analysis)

    4. Reversing Obfuscated Ransomware from Scratch pt.2 (Patching Opaque Predicates)

    5. Reversing Obfuscated Ransomware from Scratch pt.3 (Identifying Packed Code)

    6. Reversing Obfuscated Ransomware from Scratch pt.4 (Unpacking Code in Rust)

    7. Reversing Obfuscated Ransomware from Scratch pt.5 (Unpacking Theory: Emulation, Hypervisors, Debuggers)

    8. Reversing Obfuscated Ransomware from Scratch pt.6 (Unpacking via Emulation)

    9. Reversing Obfuscated Ransomware from Scratch pt.7 (Analyzing Unpacked Code + Further Deobfuscation)

    10. Messing with ABIs in Rust

    11. Symbolic Execution

    1. Reversing Other Targets (macOS, Embedded, Linux, etc.)

    2. Batch Analysis & Large Scale Reversing

    3. Final Notes

    4. Bonus Challenge

    5. Additional content survey

About this course

  • $2,640.00
  • 59 lessons
  • 26 hours of video content
  • Learn to reverse engineer arbitrary software, including for malware analysis & vulnerability research

Pricing Options

Additional pricing options may be applicable. Proof of eligibility required. Additional options may exist for those from underprivileged countries -- enquire via email for more information or to request a pricing option.

  • Student Pricing

    Cost: $825

    Applies to any currently enrolled Student

  • Faculty Pricing

    Cost: $1825

    Applies to most types of Faculty

  • Veteran Pricing

    Cost: $1325

    Applicable to Veterans and Military personnel

In-Dev Best Price Guarantee

Get the best standard price for this course before development ends (TBD -- ~October)

Learnings

Here's a tiny sample of the learnings you'll achieve throughout this course:

  • Understand low-level x86-64 & OS internals (CPU Page Tables, UEFI/BIOS Boot)

  • Write Rust PE32/32+ loaders & understand the format of Windows binaries

  • Reverse engineer both User & Kernel targets, including malware and vulnerable software

  • Reverse both C & C++ binaries, recreating structures, analyzing vtables and working with Ghidra to turn default decompilation output into meaningful code with accurate types & names

  • Analyze assembly to correct inaccurate decompilation output from tools like Ghidra, IDA or Binary Ninja