Reverse Engineering with IDA (3 days)
The goal of this course is to provide a quick but solid introduction to software reverse engineering goals, techniques and tools. For 2012, the training has been updated to be more dynamic and to better cover modern programs, recent worms, and new IDA features.
The course is designed for IT Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators.
This training will demonstrate the use of IDA to analyze binary programs on modern operating systems. While the training will be mainly focused on Microsoft Windows programs, the skills taught are universal and usable on other IDA supported platform.
The following topics will be covered:
Common executable file features
Working with IDA
Creating the database: various information sources
Various views of the database
Modifying the listing
Patching the program
With all this information, how do I start my analysis?
Working with high level data
Enumerations and bitfields
Special structure types
Processor specific issues
Overview of obfuscation techniques
Exercises with several real-world sample files