Reverse Engineering Malware Part III
Reverse engineering is one of the best-paid skills in cybersecurity. If you want to know how to do it, then this is the right course for you. This is Part III.
This intensive 3-day course equips cybersecurity professionals with the practical skills to dissect Windows malware and understand the internals of executable binaries. Through hands-on labs and real-world case studies, participants will deconstruct the Portable Executable (PE) format, analyze the internal mechanisms of the Windows operating system, and explore how modern ransomware operates at a binary level.
Using live samples of Cactus and LockBit 3.0, students will trace malware behavior, unravel execution flows, and extract TTPs from packed and obfuscated binaries. The course bridges theory and practice by exploring how system APIs, memory management, and persistence techniques are abused.
Participants will work with professional-grade tooling, including IDA Pro, Ghidra, x64dbg, PE-Bear, Detect It Easy, and much more. Emphasis is placed on unpacking techniques, API resolution, string decryption, and code flow recovery. By the end of the course, students will not only understand how malware works but also how the OS responds internally, forming a deep, OS-level perspective essential for analysts, threat hunters, and reverse engineers alike.
01 Introduction To REM 3
02 Introduction To PE Anatomy
03 DOS Header
04 File Header
05 Optional Header
06 Section Header
07 Imports
08 Exception, Base Relocation, TLS
09 PE Anatomy Recap
10 Cactus General Overview
11 Cactus First Look Into DIE
12 Cactus Entropy Levels Packed Version
13 Cactus Strings OpenSSL Packed Version
14 Cactus Strings ChaCha20 Packed Version
15 Cactus Strings HTTP Packed Version
16 Cactus Imports Packed Version
17 Cactus Unpacking And First Look
18 Cactus File System Implications
19 Cactus ChaCha20 Implementation
20 Cactus Ghidra Session
21 LockBit 3.0 Introduction
22 LockBit 3.0 Detonation
23 LockBit 3.0 Basic Triage
While not mandatory, it is recommended that participants have the following tools installed to fully engage with the hands-on exercises:
These tools will enhance your ability to work effectively with the course materials and practical exercises.