Practical Reverse Engineering

CyberDefenses Academy



Available Upon Request


Available Upon Request

Delivery Method

Classroom & Online


Certification of Completion

Audience / Level



Intro to Reverse Engineering, Critical Thinking and Analysis


Laptop required

Course Details

Program Introduction

Reverse Engineering is the process of extracting knowledge, metadata or design information from anything—though here we are specifically targeting malware and similar elements. Also, the reproduction of an item based on the information you extract.

This means a heavy emphasis on processes, as well as, an understanding of abductive, deductive, and inductive logic. During this course you will learn to:

  • Construct a secure environment as a workspace.
  • Determine targets for your reverse engineering (RE).
  • Define sensible objectives.
  • Use sources of intelligence to enrich the RE effort and streamline objectives.
  • Use processes to triage the focus of your RE.
  • How and what to record as you RE.
  • Tools to assist the RE process, in analysis and documentation

Course Objectives

  • It is designed for those with an interest in using dynamic techniques to interrogate and derive information from files.
  • It conveys the necessary concepts, principles and terms to lay down a solid foundation.
  • It is high beginner to low intermediate class to grow your professional reverse engineering skills.

Target Student

  • Individuals new to or desiring a better understanding of how to incorporate file intelligence into their Incident Response or SOC processes.
  • Professionals who deal with technical issues, but feel they do not have enough background in Reverse Engineering or Threat Intelligence.
  • Technical professionals that need to be armed with greater knowledge of incident response, reverse engineering, threat intelligence and their role in resolving incidents.


Monty St John
Monty St John is a computer science and information security expert, U.S. Navy and U.S. Air Force veteran, certified instructor, and author of dozens of classes for CyberDefenses. He has assisted numerous companies build and accredit laboratories, threat teams, and security operations centers. He’s also a prolific writer with two upcoming technical volumes set for 2018; Game Designer and Speaker. Learn more about Monty St John

Additional Information

  • Laptop required
  • Requires basic knowledge of computers, technology, and command line interface (CLI)
  • Requires knowledge of Linux
  • Requires basic knowledge of Reverse Engineering
  • Understanding of virtual machines (VM) and how to use one
    • Need to import and power on a VM
Follow up this course with another one of CDI’s offerings:
  • Effective YARA

Course Outline

Part "A"
In this two-day portion of the course, students will build a secure environment as a platform, select tools to use and employ them to pull selected information from the reversing target to focus the RE effort. Students will also leverage sources of intelligence to enrich the RE effort and streamline objectives. Lastly, students will use dynamic file interrogation techniques to derive information from the file before beginning RE.
Part "B"
In the second, Part "B" portion of the class, students will delve into machine code, hex and other languages to better understand the target of the RE effort. Students will use debuggers and disassemblers to view and pull data from target file and learn how and what to record during the RE effort.