Reverse Engineering Basics for Malware & Program Analysis

This course is intended for anyone just starting on their reverse engineering journey. It covers all of the basics required for more specialized applications of reversing like malware analysis, vulnerability research, and program analysis. From processors and assembly languages, to memory addressing and layout, to compilers and common language features, this class starts from ground zero and covers everything you need to know.

Learning Objectives

Students will understand:

  • What a 'program' really is
  • How programs work / how computers run programs
  • How programs store, manipulate, and interpret data
  • The reversing process
  • How to reason about the behavior of a program

Students’ Knowledge Pre-Requisites:

Attendees must have a solid understanding of Windows internals and familiarity with user-mode development on Windows using Win32 APIs. This is a developer-oriented course and attendees are expected to have prior experience with C/C++ programming on Windows 10.

Course Outline:

At the end of each topic during the class, students get to vote on which topic they'd like to explore next. This allows us to accommodate a wide array of student backgrounds by spending more time on the things you need to know, and less time on the things you're already a pro at.

  • How to reverse engineer (reading source code)
  • Advanced program theory
  • How computers work / why we need those 1's and 0's (compiler theory)
  • Basic processor features (registers, memory, instructions)
  • Assembly* (see below)
  • How to reverse engineer (reading assembly)
  • Why reading assembly sucks
  • Decompilation theory
  • How to read Binary Ninja's ILs
  • Simple crackmes
  • Binary annotation / interaction
  • Structuring data
  • Finding data and references
  • Binary patching / transforms / unpacking
  • Dataflow analysis
  • Source-to-sink analysis in Binary Ninja
  • Using the debugger
  • And more!

This course will cover the following assembly concepts:

  • Registers
  • Opcodes and operands
  • Operand order
  • Specifics about the most common opcodes
  • Delay Slots
  • Branching/Flags
  • Memory Addressing
  • Stack/Heap
  • etc

You'll learn the basic skills every reverse engineer should know about reading assembly (x86, x86-64, ARM, MIPS, etc), but also how to circumvent the need to do so as much as possible. Instead, this class aims to make you fluent in the high-level abstractions provided by modern decompilers and analysis frameworks, their associated interactive features, and how to achieve an understanding of a program.

Target Audience

  • Reverse Engineers
  • Vulnerability Researchers
  • Malware Analysts
  • CTF Players
  • Beginners

Requirements

Students will need:

  • A laptop that can run Binary Ninja (Ubuntu 20.04/22.04 x64; Windows 10/11 x64; MacOSX 11+ x64, MacOSX 12+ arm64).
  • (Optional) A VM to run binaries (most binaries are also provided for Linux, Mac, and Windows, though we often focus on just the Linux versions)

Prerequisites

Familiarity with Python and C would be helpful, but not required. You must understand variables, if/while/for/etc logic, numbers in different bases, truth tables, and similar fundamental computing concepts.

Why choose the Center for Cyber Security Training

Interactive, classroom-based learning

Subject matter experts

Trusted by US government agencies

Peter Van Eeckhoutte

Peter Van Eeckhoutte is the founder of Corelan Team and the author of the well-known tutorials on Win32 Exploit Development Training. The team gathers a group of IT Security enthusiasts and researchers from around the world, who all share common interests: doing research, gathering and sharing knowledge, and performing responsible/coordinated disclosure. Above all, the team is well known for their ethics and their dedication to helping other people in the community. Together with the team, he has developed and published numerous tools that assist pentesters and exploit developers, and published whitepapers/videos on a wide range of IT Security related topics (pentesting tools, (malware) reverse engineering, etc).

You can find some of the tools on the Corelan github page.

Peter has been an active member of the IT Security community since 2000 and has been working on exploit development since 2006. He presented at various international security conferences (Athcon, Hack In Paris, DerbyCon, ISSA Belgium) and taught various Win32 Exploit Development courses at numerous places around the globe. He trained security enthusiasts & professionals from private companies, government agencies and military organizations.

Classes are limited. Get registered!

One of the most gruelling yet beneficial training courses that I have ever attended in my entire offsec career! This course is definitely a good start for those who really want to get well acquainted with the basics of exploit development. On top of that, Peter is such an amazing instructor in terms of delivering his content and sharing with us some tips and tricks when facing problems during the lab exercises. Highly recommend.

Hamzah, Singapore

Want more information?

Download the Reverse Engineering course outline now.

Upcoming Training Sessions

  • March 10-13, 2025 (In-person, Columbia, MD)
  • August 25-28, 2025 (In-person, Columbia, MD)

Classes are limited.

Enroll Now.

Related Courses

Our classroom delivers the most in-demand content from the highest profile subject matter experts. Intense and interactive, our courses prepare students with actionable insight and proven strategies.

Digital Forensics & Incident Response

Gain practical skills in identifying, investigating, and responding to cyber threats with this hands-on Digital Forensics and Incident Response (DFIR) course. Covering everything from malware and memory analysis to network and OS forensics, it’s ideal for anyone looking to dive into the world of cyber defense.

Windows Malware Techniques (WINMAL)

Explore cutting-edge user-mode malware techniques on Windows—perfect for red teamers, malware analysts, and defenders looking to understand, analyze, and detect malicious behavior using Windows APIs and system internals.

Looking for a course that's not here? We'd love to hear your suggestions!

Are you fully prepared to deal with today's increasing cyber security risks? We can help you get the training you need.
