Reverse Engineering Malware Training Boot Camp

Transform your career in 5 days

Learn how to reverse engineer and analyze malware! Reverse engineering is a vitally important skill for today’s expert security professional. Keep your organization safe by digging into the viruses, Trojans and rootkits being used by cybercriminals.

4.6 (738 ratings)

Affirm Financing available
Exam Pass Guarantee

Course essentials

Reverse Engineering Malware training at a glance

  • Method

    Online, in-person, team onsite

  • Duration

    5 days

  • Experience

    1-3 years of experience

What you'll learn

Training overview

Infosec’s hands-on Reverse Engineering Boot Camp teaches you the necessary analytical skills to discover the true nature of any Windows binary. You’ll learn how to recognize the high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to the analysis of hostile code and malware, vulnerabilities in binaries, binary obfuscation schemes and more.

You will gain hands-on experience with popular commercial and open-source decompilers and debuggers, as well as learn how to use various hex editors, binary analysis programs and code coverage analyzers. The boot camp also prepares you to pass the Certified Reverse Engineering Analyst (CREA) exam.

Award-winning training you can trust

Don't take our word for it

Read our independent reviews via TrustRadius

  • 10 out of 10 March 04, 2024

    An excellent choice to keep up with cybersecurity education

    The field of information security is constantly evolving as new threats are discovered each day. Our consultants have to keep up with new knowledge and techniques to conduct pentesting, vulnerability remediation, computer forensic audits, and so on. Traditional training in cybersecurity is very expensive, lengthy, and lacks practical experience. When we found Infosec Skills we were impressed with the many themes available in their library, their focus, and also with the price, which is very economic in comparison with other alternatives. Also, their cyber ranges allow our employees to practice the skills needed in a very practical way. We are very happy to count on Infosec [Skills] as an educational ally.

    Karina Astudillo

    CEO (Chief Executive Officer)

  • 10 out of 10 March 01, 2024

    Fantastic Product

    Our security department is in its infancy and we use it daily to learn best practices and educate ourselves on tools that can be used to help secure our environment. There are a couple of staff members looking to obtain certifications and it's also used to prepare them for the test.

    Brian Shetter

    Security Engineer / Analyst

  • 10 out of 10 August 28, 2023

    The top notch cyber security knowledge hub

    We have relied on Infosec Skills to get the latest data and information on cyber security. The company has welcoming staff that interacts freely with our members during training sessions. I have acquired top-notch skills of discovering threats from the internet. The frequent awareness data helps us to set policies of countering new forms of ransomware attacks. I have advanced my knowledge on modern cyber attacks and I can collaborate with my colleagues with confidence.

    Susan Davone

    Administrative Clerk

Ready to discuss your training goals? We've got you covered.

Complete the form and book a meeting with a member of our team to explore your learning opportunities.


What's included

Everything you need to know

  • 90-day extended access to Boot Camp components, including class recordings
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Hands-on cyber ranges and labs
  • Knowledge Transfer Guarantee
  • Onsite proctoring of exam
  • Pre-study learning path
  • Unlimited practice exam attempts

What makes the Infosec Reverse Engineering Malware prep course different?

You can rest assured that the Reverse Engineering Malware training materials are fully updated and synced with the latest version of the exam. With 20 years of training experience, we stand by our Reverse Engineering Malware training with an Exam Pass Guarantee. This means if you don’t pass the exam on the first attempt, we’ll pay for your second exam at no additional cost to you!

Syllabus

Training schedule

Day 1
Morning session

Introduction to malware analysis and reverse engineering

  • Basic static and dynamic analysis
  • Reverse engineering concepts and legality
  • Machine code
  • Assembly language
  • System- and code-level reversing
  • Assembly basics (registers, operands, instructions)
  • Fundamentals of reverse engineering tools (IDA Pro, Radare2)

Afternoon session

Introduction to malware analysis and reverse engineering continued

  • Basic static and dynamic analysis
  • Reverse engineering concepts and legality
  • Machine code
  • Assembly language
  • System- and code-level reversing
  • Assembly basics (registers, operands, instructions)
  • Fundamentals of reverse engineering tools (IDA Pro, Radare2)

Evening session

Optional group & individual study

Day 2
Morning session

Static and dynamic analysis

  • Recognizing C code constructs in assembly
  • Windows API
  • Windows Registry
  • Network APIs
  • DLLs
  • Processes, threads and services
  • Debugging process (stepping, breakpoints, modifying execution)
  • Kernel debugging
  • Debugging tools

Afternoon session

Static and dynamic analysis continued

  • Recognizing C code constructs in assembly
  • Windows API
  • Windows Registry
  • Network APIs
  • DLLs
  • Processes, threads and services
  • Debugging process (stepping, breakpoints, modifying execution)
  • Kernel debugging
  • Debugging tools

Evening session

Optional group & individual study

Day 3
Morning session

Analyzing malware functionality and behavior

  • Understanding common malware types and functionality
  • Process injection and replacement
  • DLL injection
  • Direct, hook and APC injection and other malware launching techniques
  • Registry persistence
  • Svchost.exe
  • Trojanized system binaries
  • DLL load order hijacking
  • Malware network behavior analysis
  • Kernel mode rootkits (SSDT hooking, interrupts)
  • User mode rootkits

Afternoon session

Analyzing malware functionality and behavior continued

  • Understanding common malware types and functionality
  • Process injection and replacement
  • DLL injection
  • Direct, hook and APC injection and other malware launching techniques
  • Registry persistence
  • Svchost.exe
  • Trojanized system binaries
  • DLL load order hijacking
  • Malware network behavior analysis
  • Kernel mode rootkits (SSDT hooking, interrupts)
  • User mode rootkits

Evening session

Optional group & individual study

Day 4
Morning session

Anti-reversing techniques

  • Basic anti-reversing strategies
  • Anti-disassembly
  • Detecting debuggers
  • Detecting VM presence
  • Analyzing packed executables
  • Popular packers (UPX, PECompact, ASPack, etc.)
  • Simple obfuscation techniques (XOR swap, junk code, etc.)
  • Obscuring through data flow and control flow
  • Constant unfolding
  • Deobfuscation tool
  • Base64 and other encoding schemes
  • Common ciphers and encoding schemes
  • Reversing ransomware

Afternoon session

Anti-reversing techniques continued

  • Basic anti-reversing strategies
  • Anti-disassembly
  • Detecting debuggers
  • Detecting VM presence
  • Analyzing packed executables
  • Popular packers (UPX, PECompact, ASPack, etc.)
  • Simple obfuscation techniques (XOR swap, junk code, etc.)
  • Obscuring through data flow and control flow
  • Constant unfolding
  • Deobfuscation tool
  • Base64 and other encoding schemes
  • Common ciphers and encoding schemes
  • Reversing ransomware

Evening session

Optional group & individual study

Day 5
Morning session

Advanced reversing topics

  • Recognizing C++ binaries
  • Identifying constructors and destructors
  • RTTI
  • 64-bit architecture
  • WoW64
  • 64-bit analysis

Afternoon session

CREA exam review

CREA exam

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

You're in good company

The instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.

Erik Heiss, United States Air Force

I really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.

Michelle Jemmott, Pentagon

The course was extremely helpful and provided exactly what we needed to know in order to successfully navigate the exam. Without this I am not confident I would have passed.

Robert Caldwell, Salient Federal Solutions