Security 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
Ottawa, ON
Thursday, May 13, 2010 - Thursday, June 17, 2010
| Course Fees | Payment Deadline |
| --- | --- |
| $2,695.00 | Through Wednesday, March 31, 2010 * |
| $2,845.00 | After Wednesday, March 31, 2010 * |
| $3,095.00 | After Wednesday, April 14, 2010 |
| $499.00 | Additional For Proctored Certification † |
| $399.00 | Additional For OnDemand |
* Payment must be RECEIVED by the deadline to receive the posted rate.
Mentor: Karim Nathoo
Date: Thursday, May 13, 2010
Meeting Time: 6:00 PM - 8:00 PM
Where: Chimo Hotel, 1199 Joseph Cyr Street, Ottawa, ON
Phone: (613) 744-1060
Mentor Bio: Karim Nathoo is a freelance computer security consultant with extensive experience providing high-assurance ethical hacking and security engineering services to government, military and private sector clients. Karim has delivered professional services for international clients in Asia, Europe, Canada and the United States. Karim has experience working with R&D teams in cutting-edge technical environments as well as providing executive-level risk management briefings and proof-of-concept security demonstrations to senior management.
Karim has performed security assurance and engineering engagements for organizations such as Entrust, Apple, Microsoft, France Telecom, Cloakware Corporation, Creative Labs, Motorola, Verizon, Nokia, Philips Semiconductor, SONY BMG, SUN Microsystems, QNX Software Systems and numerous Canadian and US Government agencies. Karim’s diverse security background allows him to provide unique and in-depth expertise on a broad array of security projects.
Karim currently serves as Co-Lead for the Ottawa Chapter of the Open Web Application Security Project (OWASP) and is a member of the SANS Advisory Board. Karim has been certified by the Communications Security Establishment as a Common Criteria EAL4 evaluator, allowing him to perform evaluations of security products up to the EAL4 level of assurance (the highest assurance level mutually recognized by Common Criteria signatory countries). Karim has been certified by the SANS Institute in Incident Handling (GCIH) and Reverse Engineering Malware (GREM) and by ISECOM as an OPST (OSSTMM Professional Security Tester). Karim possesses an Honors Degree in Computer Science from the University of Waterloo.
Expand your capacity to fight malicious code by learning how to analyze bots, worms, and trojans. This popular four-day course discusses practical approaches to examining Windows malware using a variety of monitoring utilities, a disassembler, a debugger, and other tools useful for reverse-engineering malicious software. You don't have to be a full-time malware searcher to benefit from this course: as organizations increasingly rely on their staff to act as first responders during a security incident, malware analysis skills become increasingly important.
By covering both behavioral and code analysis approaches, this unique course provides a rounded approach to reverse-engineering. As a result, the course makes malware analysis accessible even to individuals with limited exposure to programming concepts. The materials do not assume that the students are familiar with reverse-engineering; however, the difficulty level of concepts and techniques increases quickly as the course progresses.
In the first half of the course, you will learn how to set up an inexpensive and flexible laboratory for understanding the inner workings of malware, and demonstrate the process by exploring the capabilities of real-world specimens. You will learn to examine the program's behavioral patterns and assembly code, and study techniques for bypassing common code obfuscation mechanisms. The course also explores how to analyze browser-based malware.
In the second half of the course, you will review key assembly language concepts. You will learn to examine malicious code to understand its flow by identifying key logic structures, looking at examples of bots, rootkits, key loggers, and so on. You will understand how to work with PE headers and handle DLL interactions. You will also develop skills for analyzing self-defending malware through advanced unpacking techniques and bypassing code-protection mechanisms. Finally, you will discover how to bypass obfuscation techniques employed by browser-based malicious scripts.
Hands-on workshop exercises are an essential aspect of this course, and allow you to apply reverse-engineering techniques by examining malicious code in a carefully controlled environment. When performing the analysis, you will study the supplied specimen's behavioral patterns, and examine key portions of its assembly code.