WELCOME TO THE TEXAS CYBER SUMMIT
Friday, October 11 • 1:00pm - 3:00pm
RE-1080 Intro to Reverse Engineering with Ghidra: Taming the Dragon

The advent of Ghidra has lowered the bar in terms of price and skill gap for getting involved in software reverse engineering. In this workshop we shall go through getting spun up on Ghidra and utilizing it to reverse binaries and automate different portions of our analysis.
 
Outline:
1. What is Ghidra?
   a. Software Reverse Engineering Tool with version management / decompiles
   b. Talk about GitHub/issue tracking
2. What is Reverse Engineering?
   a. Compiled code -> ASM
   b. Figuring out how binaries work
      i. Malware, CTFs, etc.
3. Introduction to reversing topics
   a. Disassembling
   b. Decompilation
   c. IL / AST
4. Server Collaboration
   a. Use cases
5. Useful features
   a. Themes and configurations
   b. Handling XREFs / Function Call Trees
   c. Navigating the Symbol Tree
6. Useful Plugins / GitHub Repos
7. Getting Started with Ghidra
   a. Building your first project
   b. Importing Binaries / Libraries
   c. Structuring your project
8. Patching Binaries
9. Reversing Binaries
   a. Guided reversing of several binaries
10. Introduction to P-Code
11. Scripting
   a. Automating analysis of binaries using p-code (Python/Java)
12. Takeaways
13. Conclusion / Questions

Requirements: Attendees should bring their own laptops and have a Linux distro installed in a virtual machine or on the host. Ghidra should be downloaded and unzipped prior to the class from https://ghidra-sre.org/. Currently the newest version is 9.0.4; however, newer versions will be acceptable and supported.
 
A basic understanding of C, x86 ASM, Java, and Python is recommended. Installations of GDB, strace, and ltrace are also recommended.


Speakers
Christopher Doege

Cyber Software engineer, Raytheon
Christopher Doege is a Cyber Software engineer at Raytheon. In his free time he likes to CTF with Nasa Rejects and reverse engineer malware. Chris graduated from The University of Texas at San Antonio with a BS in Computer Science and is a local to the San Antonio area.


Friday October 11, 2019 1:00pm - 3:00pm CDT
BONHAM 3-E | Expert 3 600 E Market St, San Antonio, TX Floor 3