LANL | Cyber Security Research

Cyber Security Science

Tracer FIRE 5

Malware Reverse Engineering Track

This class is designed for incident responders that need to revere malware. This class is designed to take students through a systematic approach for incident response reverse engineering of malware. Students will leave having a foundational knowledge on all angles for reverse engineering windows executables and various other file types.


  • Laptop running VMware Workstation at least version 9. (VMware Fusion on the Mac is fine)
  • Fully configured VMWare Workstation Windows 7 virtual machine (An XP image will work as well, but class is designed around Windows 7). You must have administrative privileges and be able to completely disable AV or remove it on all machines.

If you bring a system with VirtualBox, VMware ESX Server, or anything that is not VMware Workstation be aware that some (possibly all) of the labs might have problems.


Copies of the free tools such as Ollydb, Sysinternal tools, etc. Students will also be given a virtual machine and various free software that the class author(s) have written.

TracerFIRE 5 Overview

Training Tracks


Tracer FIRE 5 will be held entirely online. We recommend setting up dedicated space for participants at your site, so that they may focus on the training and excercise, away from their normal work environment.

Larger "regional hubs" are being established in key cities for participants to congregate. Information about hubs will be emailed to you after you register.

About Us | Contact Us | Jobs | Library | Maps | Museum | Emergencies | Inside LANL | Inside Phone | Site Feedback

Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA © Copyright 2010-12 LANS, LLC All rights reserved | Terms of Use | Privacy Policy