Reverse Engineering

Students will learn fundamentals of reverse engineering of computer software (methods of executing and initializing programs, organization of executable files, work with third-party libraries). Special attention will be paid to C ++. Students will also become familiar with the principles of debugging tools, disassemblers and obfuscation methods. Finally, the course will focus on code compression and decompression and executable file reconstruction.

After he/she had completed the course, the student will be able to independently perform reverse analyses of binary executable files on the MS Windows platform, including analyzing obfuscated files (i.e. malware).

The students complete four homeworks and a semestral work and are awarded up to 70 points for them. In order to get an assessment, they need to get 35 points. The exam is oral (a voice chat over Teams), with two questions, and the grading is either pass or fail; the points are then calculated as 3/7 of the points from the assessment.

Very good knowledge of C, C++. Basic knowledge of programming in assembler/machine code.

• [1] Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley. 2005. 987-0-7645-7481-8.
• [2] Eagle, C.: The IDA Pro Book: The unofficial Guide to the World's Most Popular Disassembler. No Starch Press. 2011. 987-1-59327-289-0.
• [3] Seacord, R. C.: Secure Coding in C and C++. Software Engineering Institute, Carnegie Mellon University. 2013. 987-0-321-82213-0.
• [4] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 1. Microsoft Press. 2012. 987-0-7356-4873-9.
• [5] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 2. Microsoft Press. 2012. 987-0-7356-6587-3.

Reverse engineering, executable file analysis, malware, security, assembler, machine code.