0.0 / 1.1 Introduction & lab setup
Hands-on0.1 Threat landscape & malware economy
1.0 / 1.1 Windows artefacts & persistence
Hands-on1.2–1.4 PE format, compilation & linking, Windows internals
Hands-onFive days that turn engineers into malware analysts. A hands-on, practical deep dive into malware analysis and reverse engineering, built and taught by a researcher who does this work in the field. You get a ready-to-go analysis lab on a VM we provide, so all you bring is a laptop. On-site or remote.
From an empty lab to breaking real ransomware. Five days of doing, not watching.
From an empty lab to breaking real ransomware. Every block is doing, not watching.
0.0 / 1.1 Introduction & lab setup
Hands-on0.1 Threat landscape & malware economy
1.0 / 1.1 Windows artefacts & persistence
Hands-on1.2–1.4 PE format, compilation & linking, Windows internals
Hands-on2.0 Static analysis basics
Hands-on2.1 Dynamic analysis basics
Hands-on3.0 Assembly language introduction
Hands-on3.1 / 3.2 Process memory management & calling conventions
Hands-on3.3 Reverse engineering
Hands-on3.4 Debugging
Hands-on4.0 Advanced injection techniques
4.1 / 4.2 Cryptography: theory & applied
4.3 / 4.4 Anti-RE, anti-debugging & anti-sandbox
Hands-on4.5 Packing
Hands-on5.0 Script-based malware
5.1 / 6.0 Attack process & network, stealers
6.1 Ransomware practical activity
Hands-on7.0 Threat & IOCs, wrap-up & Q&A
Departures
No setup tax. We provide a complete, pre-built virtual machine with every exercise, sample, and tool already in place. You spend the week analysing malware, not installing it. All you need is a laptop that can run a Windows VM in VirtualBox.
By the end of the week, the work is in your hands, not just in your notes.
€3,000
per person, per 5-day session
Delivered on-site at your offices or fully remote, for an individual or a whole team. A working knowledge of C and a scripting language helps, and some basic digital-forensics experience is welcome, but no prior reverse-engineering experience is required. We provide the full lab VM; you bring a laptop that can run it. Get in touch for available dates, group size, and a tailored agenda.
Tell us your team and your timeline, and we will set up the dates and tailor the agenda.