52455645525345: Difference between revisions

From Chaosdorf Wiki
No edit summary
No edit summary
Line 3: Line 3:
|Description=Reverse Engineering Workshop
|Description=Reverse Engineering Workshop
|Type=Workshop
|Type=Workshop
|Date=2017-11-18
|Date=2018-07-16
|Start=11:00
|Start=11:00
|Host=barbieauglend
|Host=barbieauglend
Line 26: Line 26:
<br>I [[barbieauglend]] would love to take a look at binaries with you and figure out together what the programs do. They are often a lot easier than you might think!
<br>I [[barbieauglend]] would love to take a look at binaries with you and figure out together what the programs do. They are often a lot easier than you might think!


<br>If you want to participate, you will need a Laptop (with charger!) with a Windows OS virtual machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something! And if you have any questions, feel free to contact me under barbieauglend@chaosdorf.de !
<br>If you want to participate, you will need a Laptop (with charger!) with a Windows7 guest machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something! And if you have any questions, feel free to contact me under barbieauglend@chaosdorf.de !


<!-- == Please read :
== Please read ==


<br>here we go again: RE workshop.
Requirements:  


<br>This time I prepared 3 binaries - 3 different levels for us to reverse together.
- Virtual machine software (VMWare, VirtualBox etc...).
If you participated on past workshops, you should be good to go.
- Windows 7 guest system with IDA Pro (Free 5.0 is acceptable).
If not, I would kindly ask you to send me an email and I will send you some slides to take a look before the workshop!
- Microsoft Visual Studio 2008 redistributable package.
Don't worry! It should take you ca 15-20 min =)
 
Let's dive into the blackhole of compiled code and understand the internals of the software running in our computer. It doesn't matter if you want to fix a broken gadget or safe your files (now you know why backup right!) from a ransomware, it is elementary to understand how they work. This is Reverse Engineering (RE), and it is done every day from recreating outdated and incompatible software, understanding malicious code, or exploiting weaknesses in software.
 
We are going to try to cover topics like:
 
* Uses for RE
* The tricks and pitfalls of analyzing compiled code
* Identifying calling conventions
* How to navigate x86 assembly using IDA Pro
* Identifying Control Flows
* Identifying the Win32 API
* Using a debugger to aid RE
* Dynamic Analysis tools and techniques for RE
 
I am going to bring some nice binaries which we can go through together. We are going to explore how static reverse engineering works and how can we use it to understand what a piece of malware does (hopefully!).


== Participants (please register!) ==
== Participants (please register!) ==
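Review bot: the old revision opened an HTML comment with `<!-- == Please read :` and this hunk shows no matching removal of a closing `-->`; since the new revision turns that line into a live `== Please read ==` heading, verify that the old closing marker was also deleted, otherwise a stray `-->` will render as literal text at the end of the section. Two style points in the same hunk: the new "Requirements:" list uses `- ` hyphen bullets while the topic list further down already uses wiki `*` bullets, so `* Virtual machine software (VMWare, VirtualBox etc...)` would keep the page consistent, and "Windows7 guest machine" should read "Windows 7 guest machine". The leading `<br>` tags on the paragraphs are also unnecessary, as the blank lines already separate paragraphs in wiki markup.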