Lectures

Introductory Lectures

Please watch the relevant video prior to each class. Also, download the exercises onto your virtual machine - we will be using them during the class.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
intro-1	Introduction Famous Reverse Engineering Projects Binary Reverse Engineering Reverse Engineering vs. Software protection Attacks on Mobile Devices Attacks on Critical Infrastructure Attacks on Consumer Products Attacks on Media Distribution Attacks on Computer Games Protecting Malware https://LigerLabs.org		pdf			25m
model-1	Modeling Attacks and Defenses		pdf	models-1-exercises.pdf		20m

Low-level Programming

Lectures on X86 assembly code and machine code.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
X86-1	X86 Instruction Set Global Variables X86 Assembly Syntax Data Movement Instructions Arithmetic and Bitwise Instructions Switch Statements8-bit vs. 16-bit vs. 32-bit vs. 64-bit Addressing Modes x86 Example Execution x86 Intel vs. AT&T Syntax Disassembly		pdf	x86-1-exercises.zip		32m
x86-2	X86 Control Flow Instructions Unconditional Control Flow Instructions Conditional Control Flow Instructions Conditional Move Instructions Conditional Set Byte Instructions Disassembly with Binary Ninja		pdf	x86-2-exercises.zip	x86-1	26m
x86-3	X86 Memory Operations Global Variables More Data Movement Instructions Arrays Switch Statements Floating Point		pdf	x86-3-exercises.zip	x86-2	18m
x86-4	X86 Calling Conventions		pdf
x86-5	X86 Instruction Encoding		pdf

Static Analysis

Lectures on statically analyzing data and control flow.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
ast-1	Abstract Syntax Trees		pdf	ast-1-exercises.zip		20m
cfg-1	Control Flow Analysis		pdf	cfg-1-exercises.zip		22m
file-1	Executable File Formats Statically Linked Binaries Dynamically Linking LIBC Creating a Dynamically Linked Library Command Line Tools The ELF File Format		pdf	file-1-exercises.zip		12m
disass-1	Disassembly Linear Sweep Disassembly Recursive Descent Disassembly Issue #1: Finding Entry Points Issue #2: Statically Unknown Control Flow Issue #3: Mixing Code and Data Issue #4: Shared Basic Blocks Issue #5: Overlapping Instructions Anti-Disassembly Branch Functions Tigress		pdf	disass-1-exercises.zip	x86-2, cfg-1	25m

Dynamic Analysis

Lectures on debugging, tracing, etc.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
gdb-1	Debugging with gdb Running, Stepping, Breaking Automating Debugging Hardware vs. Software Breakpoints Patching with gdb Watchpoints Searching Gdb + Ghidra Extensions		pdf	gdb-1-exercises.zip	x86-2, ghidra-3	29m
trace-1	Tracing strace ltrace gdb trace points pintools		pdf	trace-1-exercises.zip	opaque-1	22m
symex-1	Symbolic Execution License Checking Revisited Klee Symbolic Execution Solvers		pdf	symex-1-exercises.zip	ast-1, softprot-1, x86-1	25m
symex-2	Symbolic Execution with angr Example angr API		pdf	symex-2-exercises.zip	symex-1	8m

Reverse Engineering

Lectures on using reverse engineering tools and strategies for attacking binary programs.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
ghidra-1	Introduction to Ghidra 1 Starting a New Project Top Level Interface Viewing Binary Code Viewing Disassembled Code Viewing the CFG Viewing Decompiled Code Viewing Strings		pdf	ghidra-1-exercises.zip	x86-2, cfg-1	19m
ghidra-2	Introduction to Ghidra 2 Viewing The Program Graph Viewing The Call Graph Cross References Fixing Names,Types, and Functions Documenting Your Work Viewing Symbols Navigating the Code Searching for Strings Searching for Instructions		pdf	ghidra-2-exercises.zip	ghidra-1	18m
ghidra-3	Ghidra Code Patching Editing Instructions Removing Instructions Replacing Instructions Referencing External Functions Adding Instructions Code Stealing Adding a Segment		pdf	ghidra-3-exercises.zip	ghidra-1	19m
ghidra-4	Ghidra Scripting Creating, Editing, and Running Scripts The Ghidra API API Documentation		pdf	ghidra-4-exercises.zip	ghidra-3	21m
re-1	Reverse Engineering Strategies Game Cheating Cryptographic Key Recovery License Key Recovery		pdf		ghidra-1, trace-1, virt-1	18m

Software Protection

Lectures on code obfuscation and tamper-proofing.

#	Topic	Video	Slides	In-class Exercises	Prereq- uisite	Video Length
virt-1	Virtualization Obfuscation What is a byte code interpreter? Obfuscating Virtual Machines		pdf	virt-1-exercises.zip	cfg-1	16m
virt-2	Protecting Virtualized Code Randomizing the Instruction Set Random Dispatchers Protecting Handlers Protecting the Byte Code Dynamic Attacks and Defenses		pdf	virt-2-exercises.zip	virt-1	28m
checksum-1	Checksum Integrity Check Checksumming Attacks! Running Example Attack with gdb		pdf	checksum-1-exercises.zip		24m
arith-1	Encoding Integer Expressions Diversifying Integer Expressions Tree Patterns Tree Pattern Matching Attacks Add Your Own Patterns Making Obfuscated Constants		pdf	arith-1-exercises.zip	ast-1	22m
flatten-1	Control Flow Flattening Control flow Flattening Dispatch Methods Attacks and Defenses		pdf	flatten-1-exercises.zip	cfg-1	18m
checksum-2	Checksum Attacks and Defenses Attack with Binary Ninja Attack with Ghidra Defenses: Check-Repair Networks Defenses: Overlapping Checkers Defenses: Stealthy Hash Functions Responding to Attacks		pdf		checksum-1	20m
softprot-1	Software Protection Software License Checking DRM and Whitebox Cryptography Code Transformations Code Obfuscation Tamperproofing Tigress Environment Detection Software Fingerprinting Executable Packing Anti-Disassembly Diversification		pdf	software-protection-1-exercises.zip	intro-1, ghidra-1	28m
opaque-1	Opaque Expressions What is an Opaque Value? Adding Bogus Control Flow Array-based Opaque Predicates Graph-based Opaque Predicates Tigress Dynamic Opaque Predicates		pdf	opaque-1-exercises.zip	flatten-1	20m