LEVEL: ADVANCED

Full course.
Advanced malware reverse engineering with Ghidra*

Developed by experts at the Kaspersky Lab, the “Advanced Malware Reverse Engineering with Ghidra” course is your gateway to unlocking the full potential of this invaluable tool.
The course is tailored to provide a robust foundation in Ghidra. Starting with mastering the basics of Ghidra, you’ll embark on a journey that de-mystifies the malware analysis workflow. Explore data types, structures, and external type definitions. Learn basic and advanced-level Ghidra scripting in Python and Java, find out how to identify run-time library code and much more.

Igor Kuznetsov
Director, Global Research & Analysis Team (GReAT)

Igor is the Director of the Global Research & Analysis Team (GReAT) at Kaspersky. His research focuses on investigating malware campaigns and employing reverse engineering techniques to understand advanced malware. He has more than 20 years of reverse engineering experience.

Georgy Kucherin
Security Researcher, Global Research & Analysis Team (GReAT)

Georgy Kucherin is a Security Researcher at Kaspersky’s renowned Global Research and Analysis Team. With a strong background in cybersecurity research, Georgy has contributed significantly to the field through his comprehensive investigations into advanced persistent threats (APTs) such as FinFisher, APT41, and Lazarus. 

Training objectives

Get familiarized with the process of setting up Ghidra and building its latest version from source code.

Gain a firm understanding of how to work with data types and structures in Ghidra.

Learn how to use Ghidra’s disassembler and decompiler scripting capabilities to automate reverse engineering tasks.

Understand how to perform a typical malware analysis workflow with Ghidra.

Learn to identify runtime library code with Ghidra.

Understand how to extend Ghidra’s capabilities using the Eclipse IDE™ (Eclipse IDE is a trademark of Eclipse Foundation, Inc.)

Help & support

Please contact us at help.kasperskyxtraining.com if you are experiencing technical issues or need help and would like to chat with a Kaspersky expert.

Also, we invite you to join our Discord community for all Kaspersky Expert Training learners, where you can talk with your peers, discuss course exercises and much more. Click the link below and enjoy:
https://discord.gg/Ffxvjgn7XD

*Ghidra is an open-source software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, in this Software is used for informational purposes only and does not constitute any association or relationship with NSA or its products.