BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: The Joy of Reverse Engineering: Learning With Ghidra and\n WinDbg (Pre-Registration Required)\n When: Saturday\, Aug 12\, 14:00 - 17:59 PDT\n Where: Flamingo - Exec Conf Ctr - Foyer - Workshop C heckin - [1]Map\n\n SpeakerBio:Wesley McGrew \, Senior Cyber Fellow at M artinFed\n Dr. Wesley McGrew directs research\, development\, and offens ive cyber\n operations as Senior Cybersecurity Fellow for MartinFederal. He has\n presented on topics of penetration testing and and malware ana lysis at\n DEF CON and Black Hat USA and taught a self-designed course o n reverse\n engineering to students at Mississippi State University\, us ing\n real-world\, high-profile malware samples. Wesley has a Ph.D. in\n Computer Science from Mississippi State University for his research in\ n vulnerability analysis of SCADA HMI systems.\n Twitter: [2]@McGrewSe curity\n\n Description:\n While it can be intimidating to "get into" s oftware reverse\n engineering (RE)\, it can be very rewarding. Reverse e ngineering skills\n will serve you well in malicious software analysis\, vulnerability\n discovery\, exploit development\, bypassing host-based protection\, and\n in approaching many other interesting and useful prob lems in hacking.\n Being able to study how software works\, without sour ce code or\n documentation\, will give you the confidence that there is nothing\n about a computer system you can't understand\, if you simply a pply\n enough time and effort. Beyond all of this: it's fun. Every malic ious\n program becomes a new and interesting puzzle to "solve".\n\n Th e purpose of this workshop is to introduce software reverse\n engineerin g to the attendees\, using static and dynamic techniques with\n the Ghid ra disassembler and WinDbg debugger. No prior experience in\n reverse en gineering is necessary. There will be few slides--concepts\n and techniq ues will be illustrated within the Ghidra and WinDbg\n environments\, an d attendees can follow along with their own laptops\n and virtual enviro nments. We will cover the following topics:\n\n * Software Reverse Eng ineering concepts and terminology\n\n * Setting up WinDbg and Ghidra\n \n * The execution environment (CPU\, Virtual Memory\, Linking and\n Loading)\n\n * C constructs\, as seen in disassembled code\n\n * Combining static and dynamic analysis to understand and document\n compiled binary code\n\n * Methodology and approaches for reverse e ngineering large programs\n\n * Hands-on malware analysis\n\n * Ho w to approach a "new-to-you" architecture\n\n Skill Level: Beginner\n\n Prerequisites for students:\n - No previous reverse engineering experi ence required. - Basic\n familiarity with programming in a high-level la nguage is necessary (C\n preferred\, Scripting languages like Python wou ld be okay).\n\n Materials or Equipment students will need to bring to p articipate: - A\n laptop with a fresh Windows 10 Virtual Machine. - Bein g able to\n dedicate 8GB RAM to the VM (meaning\, you probably have 16GB in your\n laptop) will make the experience smoother\, but you can get b y with 4GB\n - 10 GB storage free in the VM (after installing Windows) - \n Administrative privileges\n - Ability to copy exercise files from U SB\n\n We will be working with live malware samples. Depending on your\n comfort level with this\, bring a "burner" laptop\, use a clean drive\, \n or plan on doing a clean install before and after the workshop.\n\n '\n\n 1. #FlamingoLowerLevel\n 2. https://twitter.com/McGrewSecurity\ n\n\n DTEND:20230813T005900Z DTSTART:20230812T210000Z LOCATION:WS - Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin SUMMARY:The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pr e-Registration Required) END:VEVENT END:VCALENDAR