Software Reverse Engineering (2020)
The intent of the Software Reverse Engineering Knowledge Unit is to provide students with the capability to perform reverse engineering of executable code to determine its function and effects, or to discover details of the implementation.
Students should be able to:
- Apply ethical and legal concepts to reverse engineering.
- Use common software reverse engineering tools and techniques to safely perform static and dynamic analysis of software (or malware).
- List common reasons for reverse engineering software.
- Describe how to protect software from reverse engineering attempts.
- Ethical and Legal issues associated with Reverse Engineering Software.
- Reverse Engineering Applications
- Malware Analysis
- Security Analysis
- Key Concepts
- Executable Structure
- Instruction Format
- Addressing Modes
- Programming/call conventions
- System Structure
- Reverse Engineering Tools
- Hex Editors
- System Utilities
- Reverse Engineering Techniques
- Code Analysis
- Register and Memory Analysis
- Behavioral analysis
- Clean Room approach
- Anti-reverse engineering techniques
Related Knowledge Units
- Sikorski, Michael and Honig, Andrew. Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software, 1st Edition, ISBN-13: 978-1593272906. No Starch Press, San Francisco. 2012
- Eilam, Eldad. Reversing: Secrets of Reverse Engineering, Wiley Publishing, Inc. Indianapolis, IN. 2005.
Suggested academic readings
Sample knowledge test
Sample skills test
Sample abilities test
- Identify the command and control server for a malware sample
- Defeat a simple anti-RE technique (e.g. detection of running in a VM)
- Determine how a malware sample maintains persistence
Additional notes or materials