Hex Rays

Hex-Rays regularly organizes seminars and training sessions. Training comprises theoretical and practical sections, with hands-on exercises that will allow you to acquire deep understanding of the concepts and method. All talks and training sessions are given by experts.

Registration for the 2021 IDA Training Course will be open soon!

Read on for further details!

training icon


2020 IDA Training course

The 2020 IDA Training course was held ONLINE for the first time on December 14-18, 2020

40+ students participated in this 5-day training course. The first 3 days (14-16 Dec) were devoted to the standard IDA training and the following 2 days to the Advanced IDA Training.

“Excellent opportunity to watch “behind the shoulder” of IDA expert(s) as they show the capabilities of the program”

“Excellent coverage of the features of IDA and importantly how to apply them.”

“This is the best place to learn the internals of IDA.”

“Very informative, especially for developers who would like to customize and understand the inter-workings of IDA.”

Pricing

For the 2020 IDA Training course: 3099 EUR (3649 USD)* for the Standard training (Using IDA Pro) and 2099 EUR (2449 USD)* for the Advanced training (Programming for IDA)

*These prices included: Class fee, training material/ handbook and exercises.
**Prices for 2021 IDA Training Courses may change and will be updated at the opening of registration.

Registration for the 2021 IDA Training Course will be open soon – Stay tuned!

price tag

What you will need to attend training:

An IDA license with active support period. We will provide you with the latest version at the training. The package will include a free time-limited copy of the decompiler.

For the programming class, we will ask you to have a C++ compiler installed (Visual Studio on windows, g++ on linux & OS X).

Please consult important additional requirements for standard or IDA programming training below

icon-licenseicon-plusicon_laptop

Standard IDA training (3 days)




IDA – the premier binary code analysis software tool

Who should attend this course: Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators

Prerequisites: good x86 assembly knowledge, basics MS Windows API, basic programming skills in any procedural programming languages (C/C++ is preferred)

This training will demonstrate the use of IDA to analyze binary programs on modern operating systems. While the training will be mainly focused on Microsoft Windows programs, the skills taught are universal and usable on other IDA supported platform.

The following topics will be covered:

  • Feature oriented introduction to the IDA architecture:
    The training will focus on making the most of the core IDA
    disassembly features, its debugger and IDC to dissect modern
    real world malware such as MyDoom, Zotob and Warezov.
  • Binary program analysis in IDA: where to begin, how to proceed
    toward the goal
  • The binary level representation of modern programs and
    how malware abuses conventions through code
    obfuscation, code hiding, etc. Special techniques to handle
    obfuscated code.
  • Problems encountered during analysis and how to
    handle them.
  • Automating IDA: batch processing, scripts, plugins

Standard Course Outline:

  • IDA overview
  • Common executable file features
  • Debugger
  • IDC
  • IDA features
  • Memory organization
  • FLIRT
  • Type system
  • IDS files
  • Working with IDA
  • Creating the database: various information sources
  • Various views of the database
  • Navigation
  • Modifying the listing
  • Patching the program
  • With all this information, how do I start my analysis?
  • Working with high level data
  • Arrays
  • Structures
  • Enumerations and bitfields
  • Advanced operations
  • Offsets
  • Bulk operations
  • Special structure types
  • Function prototypes
  • Processor specific issues
  • Code obfuscation
  • Overview of obfuscation techniques
  • Countermeasures
  • Exercises with several real-world sample files

The training material has been updated to cover the latest additions to IDA.


Programming for IDA (2 days)



IDA – extending and building upon it

Who should attend:Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators

Prerequisites: IDA user skills, programming skills in C/C++ languages, solid reverse engineering experience

This training is intended for experienced IDA users who want to take advantage of its open architecture by extending and improving it. You will learn how to write modules to modify the listing, react to events, decrypt/uncompress data right in the database, and many other things. After the course you will have solid understanding of its concepts, classes, and programming interface.

We will implement several useful plugins. Be prepared to program a lot in this training!

The following topics will be covered:

  • IDA architecture overview
    • Modules
    • Memory representation
    • Database organization
  • SDK
    • Setting up
    • Processor module framework
    • Loader framework
    • Plugin framework
    • How to debug custom modules

  • IDA subsystems
    • Utils: i/o, custom stl, regex, misc
    • Database: netnodes and flags
    • Foundations: bytes, names, offsets, etc
    • Address range class: segments and functions
    • Accessing and using IDC
    • Cross-references
    • Functions
    • Events
    • Type information
    • Structures and enums
    • Debugger
    • User interface
    • Graphing
    • Decompiler framework
  • Plugin programming
    • General guidelines
    • Plugin samples/exercises
      • Colorizer
      • Object extractor
      • Debugger helper
      • Type information
      • Graph plugin
      • Processor extension
      • Reaction to events



testimonials icon


Testimonials

“Excellent training. Would recommend highly.”

“Great class to learn about the powerful features of IDA.”

“Very organized, excellent selection of exercises. They build on one another.”

“It was the best reverse engineering course I have ever attended.”

“Come prepared. A lot was covered. Learning environment was excellent. Staff are very professional. Learned & gained new skills.”

“It is a great course for not only using the tool, but for general understanding of binaries.”

“This class is indispensible to a beginning RE, make sure to brush up on assembly instructions and concepts.”

Go to top of page