REVERSE ENGINEERING / BT221

SCENARIOS: FIVE   |   LABS: TWELVE   |   HANDS-ON: 95%   |   DURATION: 40

Reverse Engineering is a technique used to analyze software in order to identify and understand its components and flows. It is a process of understanding code infringement processes and analyzing software weaknesses. Reverse engineers analyze systems to create representations of them at another level of abstraction.

LAB 01: Calculation of Bases

LAB 02: Representing Information

LAB 03: Assembly

LAB 04: Controller Flags in the Processor

LAB 05: Professionalization in GDB

LAB 06: Buffers

LAB 07: Writing Exploits to Bypass Protections

LAB 08: Memory Management Policy

LAB 09: GOT Utilization

LAB 10: Memory Management

LAB 11: Exploitation

LAB 12: Bad Characters

Scenario: RE001

With the recent Corona outbreak, many students and employees used the Zoom application for chat, video, and audio conferencing. A group of hackers seized the opportunity and started to spread a trojan that mimics the behavior of the Zoom installer. We managed to acquire a sample of the trojan. Use your skills to reverse its behavior and identify the authors of the trojan.

Scenario: RE002

Cybersecurity researchers have uncovered a new destructive data-wiping malware, dubbed ZeroCleare, that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East. They managed to capture a binary that may contain traces of the malware. Your task is to analyze the binary file to identify the behavior of the malware.

Scenario: RE003

A critical zero-day vulnerability has been discovered in the Windows kernel that could prevent some security software from detecting malware at runtime when loaded into system memory. Debug and analyze the kernel and find the security issue.

Scenario: RE004

A research team discovered a flaw in the recent botnet called Mirai; they suspect that the source code is vulnerable. Inspect the binary.

Scenario: RE005

French agencies managed to intercept the RETADUP malware that infected systems across the world. The research team asks for your help to analyze and debug the shellcode.

© 2020 by ThinkCyber

THE 2020

CYBERIUM