What learning paths is this class used in?
Exploits, Malware Analysis, and Reverse Engineering.
Does the instructor teach this class in person?
Yes, both hybrid structure and in-person. Twitter: 0xgalz, email: galzaban[@]ost2.fyi
The “Reverse Engineering 3011: Reversing C++ Binaries” course is an advanced reverse engineering class for security researchers who want to expand their horizons and skills in reverse engineering C++ binaries.
C++ binaries are full of mysteries, they have objects, inheritance, templates, vtables, and many more, and reverse engineering them is a task of its own. In order to correctly and clearly map a C++ compiled binary it requires a vast knowledge of C++ internals.
The course will explain C++ reverse engineering topics including techniques and tools for researching C++ Binaries. We will start with understanding basic C++ objects, how to identify and create their structures in IDA and continue with C++ Inheritance, Virtual Calls and Templates. We will also study work methods for reverse engineering C++, practice, fight and ,untangle C++ programs using static analysis.
For this course you would need to have prior knowledge in reverse engineering in IDA and be familiar with x86-64 assembly instructions. The course covers various topics of C++ reverse engineering so a basic understanding of C++ code is also necessary.
Exploits, Malware Analysis, and Reverse Engineering.
Yes, both hybrid structure and in-person. Twitter: 0xgalz, email: galzaban[@]ost2.fyi
Gal Zaban is a reverse engineer with a particular interest in C++ code, currently working as a vulnerability researcher on embedded systems.
She has experience researching low-level systems including embedded systems, hypervisors, operating systems and reverse engineering binaries of various assembly architectures.
As part of her journey in understanding the catacombs of C++, she developed various reverse engineering tools for C++ research including 'Virtuailor'. Gal also presented in various conferences such as RECon,Troopers, Cppcon, HandmadeSeattle and CoreC++. She also actively tried to raise awareness for the security of modern C++ aspects and explain what happens behind the scenes when a C++ binary is being reverse engineered. Gal gives both public and private training on various reverse engineering topics.
In her spare time when she's not dwelling into low-level research, Gal designs and sews clothes, and plays the Clarinet. Twitter: @0xgalz