Introduction to Reverse Engineering - by Nicolas Brulez

Day 1: Goals tools and Techniques

Learn how you can reverse engineer programs to understand their inner workings

Instructor: Nicolas Brulez
Dates: 19-21 June 2006
Price: 2300$ + taxes
Availability: 12 seats

An Introduction to reverse engineering goals, tools and techniques. Topics covered will be Assembly Language, calling conventions, local variables, arguments, PE file format etc. Students will learn to recognize high level language constructs, data structures, and identify compilers.

Day 2: IDA and OllyDbg

Attendees will practice with IDA Pro and Ollydbg on many Reverse Engineering Exercices. They will be introduced to IDC scripting, as well as Ollydbg scripting.

The goal of the exercices will be to document some closed source programs made by Nicolas Brulez. The students will be able to document functions used by the programs, and write compatible applications if necessary.

Day 3: Manual Unpacking Basis

Attendees will learn the basic of Manual Unpacking, to be able to unpack simple packers such as upx, Aspack, nspack etc. They will learn to make valid dumps for further reverse engineering analysis.

Many exercices and demonstrations will be given to students.

Class Requirements

Training attendees are required to bring a laptop and a licensed copy of IDA Pro

Bio

Nicolas recently joined Websense Security Labs as a Virus Researcher where he does computer virus analysis, writes tools and does security research in general.

Prior to that, Nicolas was the Chief of Security for Digital River/SiliconRealms, working on the SoftwarePassport/Armadillo protection system for the past 4 years.

Nicolas specializes in anti-reverse engineering techniques to defend against software attacks. He has been active in researching viral threats and sharing that research with various anti-virus companies. He regularly writes for the French security magazine MISC and has authored a number of papers on reverse engineering, teached Assembly Programming and Reverse Engineering in various Computer Engineering Schools.

He also is an Associated Researcher of the Virology and Cryptology Laboratory of "Ecole Supérieur et d'Application des Transmissions".

Nicolas regulary speaks at international conferences such as Recon (Canada), PacSec (Japan), RuxCon (Australia), SSTIC (France), Virus Bulletin...