Malware Reverse Engineering Track
This class is designed for incident responders that need to revere malware. This class is designed to take students through a systematic approach for incident response reverse engineering of malware. Students will leave having a foundational knowledge on all angles for reverse engineering windows executables and various other file types.
- Laptop running VMware Workstation at least version 9. (VMware Fusion on the Mac is fine)
- Fully configured VMWare Workstation Windows 7 virtual machine (An XP image will work as well, but class is designed around Windows 7). You must have administrative privileges and be able to completely disable AV or remove it on all machines.
If you bring a system with VirtualBox, VMware ESX Server, or anything that is not VMware Workstation be aware that some (possibly all) of the labs might have problems.
Copies of the free tools such as Ollydb, Sysinternal tools, etc. Students will also be given a virtual machine and various free software that the class author(s) have written.
TracerFIRE 5 Overview
Tracer FIRE 5 will be held entirely online. We recommend setting up dedicated space for participants at your site, so that they may focus on the training and excercise, away from their normal work environment.
Larger "regional hubs" are being established in key cities for participants to congregate. Information about hubs will be emailed to you after you register.