
Introduction to Reverse Engineering with Ghidra

Description

Course Goals

  • Familiarize students with the basic concepts behind software reverse engineering
    • x86_64 Architecture Review
    • Identifying C constructs in assembly code
    • Disassembly vs Decompilation
  • Teach students how to use the Ghidra SRE tool to reverse engineer Linux based binaries
    • Basic navigation and usage
    • How to identify and reconstruct structures, local variables and other program components
  • Demonstrate and explain the methodologies used when approaching an unknown program with Ghidra
    • Where to start when looking at an unknown binary
    • How to quickly gain an understanding of an unknown program
  • Provide challenges and "crackme" exercises so that students gain hands on experience with Ghidra

Syllabus

Class 1 Outline

0:00 - Presentation Outline
2:50 - What is Software Reverse Engineering?
4:12 - Software Engineering Review
24:54 - x86_64 Architecture Review
45:10 - Ghidra Overview and Basic Usage

Class 2 Outline

0:00 - Intro
3:08 - Assembly Language / Applying Function Signatures
8:49 - Imports and Exports
10:23 - Control Flow Statements in Assembly Language
18:10 - Switch Statements in Assembly Language
24:34 - Loops in Assembly Language
32:42 - Variables in Assembly Language
39:46 - Functions in Assembly Language
48:08 - Heap Memory
50:11 - Array Accesses in Assembly Language

Class 3 Outline

0:00 - Intro
2:36 - SRE Tool Landscape
8:03 - Structs: ASM, Identification and Ghidra Analysis
20:19 - Pointers: ASM, Identification and Ghidra Analysis
35:30 - Enums: ASM, Identification and Ghidra Analysis
40:00 - x86_64 System Calls
45:40 - File Operations
51:02 - Ghidra Tips: Patching, Bookmarks, Searching, Comments

Class 4 Outline

0:00 - Intro
3:14 - Ghidra: Loading External Libraries
10:31 - Ghidra: Patch Diffing and Analysis
19:30 - Ghidra: Checksum Tool
21:38 - Ghidra: Memory Manager
25:39 - Ghidra Internals: PCODE and SLEIGH
39:00 - Ghidra Extensions
45:00 - Ghidra Scripting Overview and Examples
