## Video Preview
Jeremy Blackthorne goes over the major features of Ghidra in his highly interactive 2 hour workshop Reversing with Ghidra. If you want to dive deep into Ghidra, join Jeremy and Kayla Afanador for their Reverse Engineering with Ghidra training, returning once again at CATCH2022.
## Abstract
This is a hands-on course on using Ghidra for reverse engineering and vulnerability research. Exercises include Windows binaries, Linux binaries, and device firmware. Binaries will also be in a variety of architectures, including ARM, PowerPC, MIPS, x86, and x64. After completing this course, students will have the practical skills to use Ghidra in their day-to-day reversing tasks.
## Course Topics
#### Introduction
* Ghidra overview
* Project management
* Code navigation, manipulation
* Symbols, labels, bookmarks, searching
* Disassembler-decompiler interaction
* Patching
#### Ghidra Expert Tools
* Decompiler deep dive
* Datatype management
* Memory management
* P-code
* Program flow
* Ghidra tools
* Plugin groups
#### Automation with Ghidra
* Java/Jython refresher
* The Ghidra FlatAPI
* Development with Eclipse and the GhidraDev plugin
* Analysis in Ghidra headless mode
* Java-Jython interop
## Prerequisites
Students are expected to have some experience with static and dynamic analysis, Linux, Windows, command line tools, shell scripting, C, and Python. Students should have the ability to do the following:
* Declare an array pointer in C
* Write a python script to XOR an encoded string
* Perform a function trace using a debugger
* Identify dead code using a disassembler
## Software requirements
Students are expected to have their own computers which can run a 30GB virtual machine. A recommended hardware configuration is the following:
* 50 GB of free hard disk space
* 16 GB of RAM
* 4 Processor cores
* VMWare or Virtual Box to import an ova file
Jeremy Blackthorne [@0xJeremy](https://twitter.com/0xJeremy) is a co-founder and instructor at the Boston Cybernetics Institute (BCI). Before BCI, he was a researcher in the Cyber System Assessments group at MIT Lincoln Laboratory. He was the co-creator and instructor for the Rensselaer Polytechnic Institute courses: Modern Binary Exploitation and Malware Analysis. Jeremy has published research at various academic and industry conferences. He served in the U.S. Marine Corps with three tours in Iraq and is an alumnus of RPISEC.
Kayla Afanador
Kayla Afanador is a senior technical staff member and instructor at the Boston Cybernetics Institute (BCI). Prior to BCI, Kayla was the Cyber Research & Development lead for the U.S. Naval Air Warfare Center Weapons Division. Kayla completed her PhD in computer science at the Naval Postgraduate School with a focus on automated vulnerability research.
#### TRAINING SCHEDULE
| | |
|------------------|-------------------|
| FEB 12 Saturday | Live Lecture (4h) |
| FEB 13 Sunday | Live Lecture (4h) |
| FEB 14 Monday | Live Lecture (4h) |
| FEB 15 Tuesday | Live Lecture (4h) |
| FEB 16 Wednesday | Live Lecture (4h) |
| FEB 17 Thursday | Live Lecture (4h) |
| FEB 18 Friday | Live Lecture (4h) |
##### Live Lecture Timings
| | |
|---------------|-----------------|
| 8 am - 12 pm | US Pacific Time |
| 11 am - 3 pm | US Eastern Time |
| 4 pm - 8 pm | UK |
| 5 pm - 9 pm | CET |
Each lecture shall be split into 3 sessions of 90 minutes each, with 10 minute breaks inbetween.
#### TRAINING SCHEDULE
This training shall be conducted during
**EXACT LECTURE DATES SHALL BE ANNOUNCED SOON.**
Lecture Recordings
Recordings shall be made available
after each lecture, throughout the duration
of the course. ONLY FOR REGISTERED STUDENTS.
