Overview

Reverse Engineering and Application Security (ReAS) - Reverse engineering is a critical set of techniques and tools for understanding what software is really all about. Formally, it is “the process of analyzing a subject system to identify the system’s components and their interrelationships and to create representations of the system in another form or at a higher level of abstraction”. This allows us to visualize the software’s structure, its ways of operation, and the features that drive its behavior. Analysis techniques and automated tools for software examination give us a reasonable way to comprehend the complexity of the software and to uncover what it really does.


Objectives

At the end of the program, a candidate will be able to:
- Understand different aspects of application security
- Learn different approaches for Reverse Engineering and Application
- Learn anti-cracking techniques
- Get a strong foundation in dealing with new malware and gain expertise in analyzing it
- Create secure code that cannot be easily hacked
- Gain knowledge in application hacking and devising new exploits
- Get a deeper understanding of the foundations required for fuzzing
- Understand the process of debugging applications for crucial vulnerability detection


Duration

40 hours (5 days)


Pre-requisites

H3X Certification from Orchidseven
The candidate must have basic knowledge of Assembly and C language.


Course outline: ReAS v2.0

The program covers the following domains:


Day One - Introduction to Reversing

Module 01: Assembly foundations
- Assembly Language overview
- Introduction to Instructions
- Data Representation
- Addressing modes
- The Stack segment and PUSH & POP Instructions
- Sample codes

Module 02: Win32 programming
- Win32 programming Introduction
- The Windows programming model
- The conceptual model
- Windows operating modes
- Program memory models
- Static and dynamic linking
- Sample program

Module 03: Windows Internals
- Windows Internals
- Low level data management
- Stacks, Heaps and Data sections
- Kernel vs. User memory
- Virtual Memory and Paging

Module 04: The Art of Reversing
- Foundations of Reversing
- The Reversing Process
- Program Structure
- Common Code Constructs
- Identifying Variables & Lists
- Reversing threaded applications
- Defining the Win32 API
- Introduction to tools used
- Debugger: OllyDbg - In depth

Hacking Challenges: Patching / Crackmes in C++ / Delphi

Day Two - Art of Reversing

Module 05: Disassembling
- Understanding the disassembly
- Using a disassembler
- Program appearance and settings
- Working with dynamic link libraries
- Modifying Code, Data and Registers

Module 06: Debugging
- Understanding Breakpoints
- Identifying program structures
- Introduction to IDA Pro
- Using OllyDbg

Module 07: Cracking Approaches
- Cracking approaches
- Protection Technologies
- Analyzing the Decrypted Code
- Unlocking the Code
- Brute-Forcing Your Way
- Obfuscated Application/Operating System
- Processor Time-Stamp Verification Thread
- Runtime Generation of Decryption Keys
- Interdependent Keys
- User-Input-Based Decryption Keys
- Heavy Inlining and Patching

Module 08: Getting on the battlefield
- Sysinternals Tools
- Cracking VB Applications
- Cracking Delphi Applications
- Cracking C/C++ Applications
- Intermediate patching
- Walkthrough of cracking a commercial application
- Different Approaches

Hacking Challenges: Cracking Commercial applications

Day Three - Dot Net and Java Reversing

Module 09: Dot Net Cracking
- Ground Rules
- .Net basics and .Net Architecture
- The .Net file format
- Inside .Net assemblies and metadata
- Managed Code
- Intermediate Language
- Obfuscators
- Intermediate CLI code
- Decompiling Dot Net applications
- Reversing .NET - Part 1 - Introduction
- Reversing .NET - Part 2 - Byte Patching
- Reversing .NET - Part 3 - Advanced Patching

Module 10: Java Reversing
- Java based Application architecture
- Portability
- Byte Code
- JVM
- Concepts of decompiling
- Cracking mobile applications

Module 11: Making your first Keygen
- Introduction to KeyGen concepts
- Keygen approaches
- Getting inside the code
- Patching the code
- Making your first keygen

Hacking Challenges: Dot Net / Java Cracking & Coding Keygen

Day Four - Packers, Unpackers and Patching

Module 12: Packers and Unpackers
- What are executable packers
- How to unpack them
- What are executable protectors
- How to bypass protectors
- How to unpack and de-protect Dot Net applications
- How to unpack the most common Exe Packers

Module 13: Dumping and Patching
- Dumping concepts
- How to Dump the real Executable from a Protected One
- Concept of Memory Loaders
- How to Patch Applications that are Packed or Protected

Module 14: OllyDbg – Advanced Use
- Using OllyDbg to unpack
- Introduction to plugins in OllyDbg
- Sample application unpacking and de-protecting

Day Five - Anti Reversing Techniques & Capture the Flag

Module 15: Anti-Reversing Techniques
- Introduction to IsDebuggerPresent() API function
- RDTSC Tricks
- Introduction to Code Encryption Techniques
- Anti-patching techniques
- Sample application
- Basic Exploit Coding & Sample PoC

Capture the Flag Contest

Courseware

There is no specific recommended book for the above program. Candidates attending the training will be given the latest reference notes in the industry for all the domains under the GNU GFDL License. Alternatively, a regularly updated electronic copy (PDF) will be freely available for download for all registered candidates. A DVD / CD kit with the tools covered in the domains will be given to the candidates.

ReAS Certification


Gold Level: Achieved when a delegate clears the Bootcamps (Lab exams)