Running the IoT Hack Lab at SecTor has been a highlight of my year since 2015. Although we won’t be back this year to fill our corner of the MTCC, I’m happy to be teaching A Beginner’s Guide to Reversing with Ghidra as part of the SecTor 2020 virtual conference October 19-20.

Ghidra is an advanced software reverse engineering suite developed by NSA’s Research Directorate. Ghidra was only publicly released in March 2019 but it has already proven itself with a feature set that dwarfs almost every other free tool and even stacks up well against certain costly commercially licensed tools.  Most notably, it supports cross-platform disassembly, assembly, and decompilation across an extensive list of instruction architectures and executable formats.

Using the official Introduction to Ghidra Student Guide as a basis, this 2-day training introduces the architecture and walks through all major features needed for basic reversing tasks. Skills will be built up through a series of guided exercises as a lead-in to solving crackme challenges. Students will learn how to manually analyze and annotate programs as well as how to use the Ghidra Script API to automate analysis techniques and add functionality to Ghidra.

This class is recommended for newcomers to Ghidra with at least a basic understanding of the C and Python programming languages.  Registration is available now through Black Hat but spaces are limited.