2021-06-12, 11:00–11:45, Track 2
An introduction to reverse engineering binaries in ELF and PE formats with Ghidra, going from first reverse engineering concepts to using Ghidra's many features for tasks such as malware analysis, vulnerability analysis, and general reversing.
Ghidra is a disassembly tool that takes an executable, object file, APK, etc., and parses the machine code into various forms, ending with an assembly listing and a decompiler that converts that assembly to C. This allows thorough inspection of the code within executables for purposes such as malware analysis, reverse engineering, vulnerability research, and debugging.
This is a revamped presentation with updates for the latest Ghidra changes as well as more in-depth tricks and tips for reversing with Ghidra and collaboration that I've learned over the last couple of years of using Ghidra professionally.
Some familiarity with x86/x64 ASM and C will be helpful for this session.
Christopher Doege is a professional Reverse Engineer and Vulnerability Researcher who has been intrigued with software security for a long time. In his free time he enjoys CTFs, video game hacking, and checking out new technologies to work with.
If you're ever looking for a mentor to help you along your way to doing reverse engineering, vulnerability research, or other cyber security related topics, feel free to reach out to me.