Thursday, October 10 • 1:00pm - 3:00pm
RE-1012 Ghidra for the beginner reverse engineering


The open-source release of the NSA's Ghidra disassembler gives software reverse engineers a free option for high-capability interactive analysis of binary code. Many software reverse engineering (SRE) practitioners have been spending time since the release learning about Ghidra and bringing it into their workflow. It also gives those new to SRE a toolset to learn with that is not restricted by commercial license costs or "demo" limitations.

The goal of this session is to expose attendees with no prior reverse engineering experience to the Ghidra disassembler. Ghidra will be used as an environment in which the basics of reading, navigating, and analyzing executable code will be demonstrated. Dr. McGrew will demonstrate how to install and configure Ghidra, and then load a series of sample programs that he will use to illustrate:
- Strategies for analyzing unknown programs
- Linking and loading in Windows
- Data types
- C code constructs in assembly
All of these concepts will be discussed in the context of the iterative process of reverse engineering unknown code--using what we know about the program based on its API calls and overtly documented information to deduce the types and purposes of undocumented variables and functions.

Attendees who wish to follow along should bring a laptop with Ghidra installed (http://ghidra-sre.org). A link will be provided in-class to samples that will be used. Following along is not required! Attendees who simply observe and ask questions will still gain a useful exposure to reverse engineering and Ghidra. Resources for continuing to learn reverse engineering will be recommended.

Wesley McGrew

Director of Cyber Operations, HORNE Cyber
Dr. McGrew serves as director of cyber operations for HORNE Cyber. Known for his work in offense-oriented network security, Wesley specializes in penetration testing, vulnerability analysis, reverse engineering of malicious software and network traffic analysis. Wesley is the author...

Thursday October 10, 2019 1:00pm - 3:00pm CDT
BONHAM 3-C | Expert 1 600 E Market St, San Antonio, TX Floor 3