ISEC 640 Software Reverse Engineering
This course provides the ability to deduce the design of a software component, to determine how something works (i.e., recover the software specification), discover data used by software, and to aid in the analysis of software via disassembly and/or decompilation. The ability to understand the software of unknown origin or software for which source code is unavailable is a critical skill within the cyber operations field. Use cases include malware analysis and auditing of closed source software.
Covered re the following topics: reverse engineering techniques; reverse engineering for software specification recovery; reverse engineering for malware analysis; reverse engineering communications (to uncover communications protocols) deobfuscation of obfuscated code; common tools for reverse engineering such as disassemblers, debuggers, virtualization-based sandbox environments, process and file activity monitors, and network activity monitors.