Continuing education in cybersecurity: Reverse Engineering, Bac + 2

The BADGE Reverse Engineering (Aptitude Assessment Delivered by the Grandes Écoles) will return to the elementary notions related to the architectures studied during the training (x86, x86_64, and ARM mainly). Students will focus on reverse engineering's main applications: malware, protections, large programs, undocumented protocols, and cryptography.

At the end of this training, participants will be able to meet all the needs in reverse engineering and have been confronted with many practical cases. They will then understand the behaviour of any program, protected or not, and study it in depth.

Knowledge acquired at the end of the BADGE:

Introduction to ASM x86 and ARM -This module is a building block on which training providers will build. This involves seeing or reviewing the concepts related to reverse engineering and the particularities of ASM and ARM. Through the various practical exercises, students will acquire sufficient technical background to tackle the training's different subjects.

Cryptography - This course aims to introduce the fundamental concepts of modern cryptography and provide an overview of the primitives present in current cryptographic protocols. At the end of the training, students will have the knowledge and methodology necessary to identify and reverse engineering cryptographic algorithms.

Reverse Engineering applied to object-oriented languages ​​- The analysis of binaries developed in an object-oriented language requires notions specific to the latter. Through the study of characteristics related to C ++, this intervention aims to introduce the concepts and the way to analyze this executable.

Compilation and Obfuscation - This course introduces you to the different steps in the compilation process of a program and provides an overview of basic obfuscation techniques. These notions are useful to understand the compiler's optimizations and identify specific mechanisms used to counter binary analysis.

Reverse Mobile - This module's objective is to introduce the basics associated with reverse engineering on mobile. At the end of the training, students will analyze and debug IOS and Android applications. They will have a general knowledge of the internal mechanics of these two platforms.

Analysis tools and framework - Reverse real engineering applications can be time-consuming and tedious. It is sometimes necessary to develop your scripts to facilitate their analysis. This module presents different tools such as Metasm, Miasm, and Triton, which help reverse by offering a different approach. By the end of the training, students will have an idea of ​​the usefulness of such tools and will be able to use them effectively.

Executable File Format - This course provides knowledge of the internal structures of an executable file and the process of loading binaries into the operating system.

At the end of this intervention, students will be able to study and manipulate this type of format and recognize the different structures that make it up.

Embedded - Reverse engineering doesn't stop at the software layer. More and more attacks are possible at the hardware level. This module aims to demonstrate, through practice, a methodology for analyzing embedded devices and to provide basic knowledge in hardware reverse engineering.

Operating System Architectures - This course introduces the architecture of computers, physical layers, kernel, userspace, and the relationships between software components and hardware. This involves understanding the inner workings of a computer and the mechanisms that allow it to interact with a program (pagination, segmentation, DMA, software and hardware breakpoints, fault management, etc.).

Exploitation - This intervention aims to present the different classes of vulnerability as well as a methodology related to the search for these. In this module, students are invited to analyze software flaws and develop functional exploitation codes.

Malware Scanning - Malware is a particular binary that can be complicated to reverse: it usually comes with many protection mechanisms, and its very nature can make scanning difficult. The objective of this course is to teach you to study these programs effectively. Given the ever-increasing number of such codes, it is impossible to look at everything manually. We will therefore review the classification tools and methods to optimize the analyzes.