Learning

This page lists different workshops and classes I have prepared and am able to give on relatively short notice. Adjacent topics can be covered on request.

Workshop: Static Reverse Engineering of Windows Malware with Ghidra

Since 2019, my colleague Jesko Hüttenhain and I have offered classes in malware reverse engineering. A script accompanying the class that may give an overview of possible content can be found on GitHub. The following list is a selection of topics:

Ghidra - software reverse engineering suite by the NSA

  • Hello Ghidra
  • Types of Malware
  • Reversing Styles
  • Packing and (String) Obfuscation
  • Shellcode
  • Portable Executable (PE) Format
  • Windows API
  • Encoding, Encryption, Compression
  • Assembly, the Stack, Calling Conventions
  • Ghidra Scripting

A solid understanding of low-level programming is necessary to follow the class effectively. Knowledge of C syntax, at least one scripting language, and confidence in using a shell are beneficial.

Even an audience that has never done any binary reverse engineering before - absolute beginners - will be able to statically reverse engineer Windows-based malware samples and understand their capabilities. Feel free to contact us for pricing and possible dates. A few more details can be found on our website mal.re.

Courses: C Programming

From 2008 until 2016, I gave classes in the C programming language for the University of Bonn. The target audience were beginner students in the fields of mathematics, physics and computer science. Some classes were given in cooperation with Jesko Hüttenhain, Tobias Gödderz, and AH-Effect, an umbrella organization with the goal of supporting and facilitating research and development. Details about some of these classes are listed on the website of AH-Effect.

Armchair Investigators - A Dialogue on Malware, Cybercrime and Cyber Espionage

Podcast: Armchair Investigators

In 2021 I started to record a semi-regular podcast with my pal Chris Dietrich. It’s in German, and we talk about malware, cybercrime and cyberespionage.

Courses: Web Development

Developing web applications is easier than ever. A workshop in web development can build in-house knowledge to remove dependencies on external service providers and hence save a lot of long-term cost.

I have had good experiences implementing a web project in tandem with in-house teams over the course of several weeks. Alternating episodes of live teaching, pair programming and hands-on exercises lead to both a finished product and deep knowledge, and often the ability to maintain and extend the result without any external help.

This has the obvious benefits that you can instantly draw value from the course, which also keeps motivation up, and that there is enough time to apply the new knowledge, drive the project, and get answers to meaningful and concrete questions.