I’m a passionate teacher with over a decade of experience in teaching malware analysis and reverse engineering related topics. I love learning, and likewise passing on that knowledge to the next generation. I have seen former students take their learned skills far beyond what I could have ever taught them, and there is nothing more exhilarating.
What I can currently offer is listed below, and please keep in mind that modifications to curriculums can be made relatively easily.

Advanced Linux Malware Reverse Engineering

1-day, 2-day or 4-day options available; customers can choose topics for the 1- and 2-day options.

Abstract

This fast-paced course will make students familiar with reverse engineering Linux malware, starting off with a dense walk-through of Linux OS internals and Linux binary analysis techniques, before jumping right in with common Linux malware. Quickly we’ll work our way to advanced samples, targeted malware, Linux software protection techniques and packers. We will cover Go, Rust, and C++ malware samples, and explore recent rootkits targeting Linux.
Students will walk away with a deep understanding of Linux binary analysis techniques and knowledge of the Linux threat landscape, and will be able to dissect advanced Linux malware in their day-to-day operations.

Description

Day 1
Familiarization with the analysis environment using introductory malware
Linux specific reverse engineering concepts, Linux OS internals and ELF file format
Compiling, linking, loading, process execution
Practice learned skills on a selection of DDoS bots, bitcoin miners, and ransomware, the Linux most-wanted

Day 2
Dynamic analysis of malicious software on Linux, tool internals and techniques
C++ reverse engineering with Linux malware examples from real world attacks
Go and Rust reverse engineering of Linux malware, such as the Luna and BlackCat ransomware

Day 3
Linux analysis evasion tricks, packers, process injection techniques
Hands-on unpacking and evasive sample analysis
Linux rootkits and eBPF-based malware such as Diamorphine, Phalanx2, and Symbiote

Day 4
Targeted Linux malware samples, cases like Turla and BVP47
Advanced analysis automation techniques using eBPF and Frida
Hands-on guided and self-guided reverse engineering of advanced samples

Key Learning Objectives

Proficiency in Linux binary analysis
Understanding Linux malware in-depth
Learning Linux analysis evasion techniques
Advanced analysis automation techniques

Introduction to Binary Reverse Engineering

1-day and 2-day options, details coming soon!

Compiler Internals for Security Engineers

1-day, details coming soon!

Available Starting Winter 2025

Windows Malware Reverse Engineering (Introduction / Advanced)
1-day, 2-day and 4-day options

Compiler Internals for Security Engineers
2-day and 4-day options