Le Hackfest est fier d’offrir la formation “Assembly programming for the reverse engineer” par CSE Canada!
Formation en anglais
Assembly programming is such a large subject in itself. Mix in some reverse engineering and you essentially end up with a whole field. No matter what tool you’re using and no matter what your experience level, software reverse engineering of native binaries, most of the time, goes down to what the underlying assembly code aims at doing. To that extend, we strongly believe that, in order to become a proficient software reverse engineer, one has to learn about assembly programming. Not because writing assembly code has any importance or because it’s cool. We think learning how to write assembly is important because reading code is already a hard thing.
How can you efficiently read code to a language you don’t know? How can you quickly learn a language without writing code for that language?
So what is that training about?
Assembly programming for the reverse engineer is about learning how to write assembly. On top of this, it’s also learning how the computer works in order to understand generated blocks of code and how the operating system deals with the user and the machine. In order to acquire the required skills, participants will go through multiple programming and reverse engineering exercises. The training will conclude on a short challenge that will involve both programming and reverse engineering. What architecture will we be using? Who knows? After all, when reversing a random binary, one does not choose the architecture the original programmer wrote the binary for. However, you can safely expect that various architectures will be used as part of this training.
Topics that will be covered in the class include:
- Intel x86 and x64 architecture
- Execution modes
- Privilege level (introduction only)
- Memory management facilities (introduction only)
- Interrupt management facilities (introduction only)
- X86 assembly programming
- Use of NASM in assembly programming
- Basic instruction as well as floating point operations
- X64 assembly programming
- Differences between x86 and x64
- ARM assembly programming
- Use of GAS in assembly programming
- Basic instructions
- Relationship between high level code and assembly code
- General code construct analysis in assembly language
- C++ code analysis in assembly language
- Data structure analysis in assembly language
- Assembly level debugging and data inspection
- General use of reverse engineering tools
- Trick bag
- Various tricks to make the SRE process faster scattered through the training
At the end of the training, it is expected that all participant should be able to perform assembly code level analysis of an intermediate degree of difficulty as well as explaining precisely how code written using high level language would show up in assembly code.
Inclus avec la formation
- Badge pour les conférences du 3 et 4 novembre
- Dîner les 3 jours de formation (31 octobre & 1-2 novembre)
- Pause café
- 9h00 to 16h00 each day
To be announce
To be announce
- Anyone who wishes to be part of this training should full fil the following pre-requisite:
- Basic understanding of the software build process (Compiling - Assembling - Linking)
- Basic understanding of computer architecture and operating systems concepts (Assembly VS.Machine code, User mode VS. Kernel mode)
- Basic experience with source code level debugging
- Basic experience with data structure at source code level (tables, link lists)
- Intermediate understanding of at least 1 programming language (Basic C knowledge is a must)
- Understanding of numeral systems and conversion of numbers across these numeral systems (binary, decimal and hexadecimal)
Details will be sent to students before the class begins