
Victor Chebyshev is a Security Expert at Kaspersky Lab, where he researches mobile malware. He graduated from Moscow Institute of Electronics and Mathematics. During his studies, he became interested in reverse engineering and malware analysis. After graduation, he held several jobs before landing a position as an Information Security Specialist. Kaspersky Lab hired Chebyshev as a Junior Malware Analyst in January 2009. By 2013 he was promoted to Non-Windows Malware Research Group Manager, and then in 2015 to Security Expert. Today Chebyshev is an experienced specialist with deep knowledge of Android, Linux and Mac OS malware.

This course is meant as a practical course on malware reverse engineering and analysis for beginners. It will start with an introduction to the main concepts and terms needed, as well as an assembly language crash course for those with no prior experience. We will learn what approaches and tools can be used and how to perform static and dynamic analysis of malicious executables for multiple platforms – Windows, Linux, MacOS and Android. The course will also cover some more advanced topics: analysis of software vulnerabilities and exploits, reverse engineering byte-code and script languages, automating reverse engineering tasks, unpacking, deobfuscation and dynamic binary instrumentation.

SKILLS:

Information Security

Penetration Testing

IDS

Network Security

Security Audits

DATE: 12 – 30 Mar, 2018

DURATION: 3 Weeks

LECTURES: 3 Hours per day

LANGUAGE: English

LOCATION: Barcelona, Harbour.Space Campus

COURSE TYPE: Offline

Session 1

Introduction to the main reverse engineering concepts and terms

Setting up the needed software and a safe environment. Processor architectures, CISC vs RISC, data types, endianness, main purpose hardware registers, virtual memory and memory addressing, stack and stack frame.


Session 2

Introduction to x86 and x64 Architecture and Assembly

Function epilogue and prologue. Calling conventions. Register set and instruction set. Finding C code constructs in Assembly. Practice: Assembly Hands-on and Exercises.

Session 3

Windows OS Architecture and Static Analysis

Windows Architecture overview. Kernel mode vs user mode. Portable Executable file format. Compiler, Assembler and Linker. Practice: Working with PE files, Determining compiler, Quick static malware analysis. Reverse Engineering C and C++ code using HIEW and IDA Pro.

MALWARE REVERSE ENGINEERING

The ability to dissect and analyse executables and scripts, as well as understand what they do, is becoming an important skill not only for information security engineers, but for almost any IT-related specialist. The hands-on, practice-oriented format of this course will allow students to rapidly obtain the skills needed for static and dynamic analysis. As a result, students will gain a deeper and more thorough understanding of applications and operating systems. They will learn how to analyse and reverse engineer software, avoid common software bugs exploited by attackers, and build better, more secure applications.

VLADISLAV STOLYAROV


We offer innovative university degrees taught in English by industry leaders from around the world, aimed at giving our students meaningful and creatively satisfying top-level professional futures. We think the future is bright if you make it so.

HARBOUR.SPACE UNIVERSITY



Vlad focuses on all sorts of vulnerability research and on advanced exploit detection and prevention. He is an active CTF contest player.

He received bachelor's and master's degrees from Moscow Technical University of Communications and Informatics and the Higher School of Economics.


Session 4

Dynamic Analysis and Debugging

Monitoring Windows APIs. Using system monitoring utilities to capture file system, registry and network activity. Debugging Windows applications using x64dbg and WinDbg. Practice: Dynamic malware analysis and debugging exercises. Determining sample functionality.

BORIS LARIN

Boris has more than 7 years of experience in reverse engineering. His work on the subject of code deobfuscation won the contest among 3000 other submissions in the International Cyber World Competition.

At Kaspersky Lab he is responsible for the detection and prevention of advanced threats such as exploits with all modern antivirus technologies.

VICTOR CHEBYSHEV