Requirements
- Basic Programming Knowledge
Description
Breaking something down and putting it back together is a process that
helps people understand how things were made.
A person would be able to redo and reproduce an origami by unfolding it
first. Knowing how cars work requires understanding each major and minor
mechanical part and their purposes. The complex nature of the human anatomy
requires people to understand each and every part of the body. How? By
dissecting it. Reverse engineering is a way for us to understand how things
were designed, why they are in their current state, when they trigger, how they
work, and what their purpose is. In effect, the information is used to redesign
and improve for better performance and cost. It can even help fix defects.
Imagine if the Trojan Horse had been thoroughly inspected and torn down
before it was allowed to enter the gates of a city. This would probably cost a
few soldiers their lives fighting for the city outside the gate. The next time the
city is sent another Trojan Horse, archers would know where to point their
arrows. And no dead soldiers this time. The same is true for malware
analysis—by knowing the behaviors of a certain malware through reverse
engineering, the analyst can recommend various safeguards for the network.
Think of it as the Trojan Horse being the malware, the analyst being the
soldier who initially inspected the horse, and the city being the network of
computers.
Anyone seeking to become a reverse engineer or an analyst should have
the trait of being resourceful. Searching the internet is part of reverse
engineering. An analyst would not rely solely on the tools and information we
provide in this Udemy course. There are instances where an analysis would even
require reverse engineers to develop their own tools. Software auditing may
require reverse engineering. Besides high-level code review processes, some
software quality verification also involves implementing reverse engineering.
The aim of these test activities is to ensure that vulnerabilities are found
and fixed. There are a lot of factors that are not taken into consideration
during the design and development of a piece of software. Most of these are
random input and external factors that may cause leaks, leading to
vulnerabilities. These vulnerabilities may be used for malicious purposes that
not only disrupt the software, but may cause damage and compromise the system
environment it is installed in. System monitoring and fuzzing tools are
commonly used when testing software. Today's operating systems have better
safeguards to protect against crashes. Operating systems usually report any
discrepancies found, such as memory or file corruption. Additional information,
such as crash dumps, is also provided in this course. From this information, a
reverse engineer would be able to pinpoint where exactly in the software they
have to inspect.
In the software security industry, one of the core skills required is
reverse engineering. Every attack, usually in the form of malware, is reversed
and analyzed. The first thing usually needed is to clean up the compromised
network and systems. An analyst determines how the malware
installed itself and became persistent. Then, they develop steps for
uninstalling the malware. In the anti-malware phase, these steps are used to
develop the clean-up routine, once the anti-malware product is able to detect
that the system has been compromised. The analysis provides information about
how the malware was able to compromise the system. With this information,
network administrators are able to impose policies to mitigate the attack. If
the malware was able to enter the system because of a user opening an email
attachment that contains JavaScript code, the network administrator would
implement the blocking of emails that contain a JavaScript attachment.
Who this course is for:
- Reverse Engineer
- Malware Analysis
- Low-Level Debugging
- Reverse Engineering
- Malware Analysis
- Debugging
- Analysis Types and Reporting
- Basic Operating System Components
- Memory Types
- File System Types
- R2D2 Malware Analysis
- Cridex Malware Analysis
- Volatility
- Low Level Assembly Debugging
- Windows Registry
- Stack Guard Bypass
- Method Exploitation
- Low Level View
- Software Exploitation