Hex Rays

Trainings & Seminars

Hex-Rays regularly organises seminars and training sessions. Training comprises theoretical and practicals sections, with hands-on exercises that will allow you to acquire deep understanding of the concepts and method. All talks and training sessions are given by experts.


2020
Registration for this year’s training session is open!
Read on for details and how to enroll…


training icon


2020 Training course

The 2020 European IDA training course will take place at the Penta Hotel in Li├Ęge, Belgium on December 14–18, 2020.

The first three days (14-15-16 Dec.) will be devoted to the standard IDA training.
The following two days (17-18 Dec.) to a course on Programming for IDA.

Training will be both theoretical and practical. After each theoretical section hands-on exercises will be carried out so as to master thorough understanding of concepts and methods. Training material is always updated to include the latest additions to IDA.

You may book a room at the Penta Hotel where the training takes place or book at an other hotel of your choosing.


Pricing

  • 3510 EUR (3900 USD) Standard training (Using IDA Pro)
  • 2339 EUR (2599 USD) Advanced training (Programming for IDA)

This includes: the class fee, the training handbook and exercises, lunch and coffee breaks.
You will get a 10% discount if you order before 31 October 2020.

Interested? Download the registration forms

MS Word docx   PDF file


price tag


What you will need to attend training:

An IDA license with active support period. There is no need to bring your copy of IDA with you, we will provide you with the latest version at the class. The package will include a free time-limited copy of the decompiler.

Please bring your laptop with you. For the programming class, we will ask you to have a C++ compiler installed (Visual Studio on windows, g++ on linux & OS X.)

Please consult important additional requirements for standard or IDA programming training below


icon-licenseicon-plusicon_laptop

Standard IDA training (3 days)




IDA – the premier binary code analysis software tool

Who should attend this course: Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators

Prerequisites: good x86 assembly knowledge, basics MS Windows API, basic programming skills in any procedural programming languages (C/C++ is preferred)

This training will demonstrate the use of IDA to analyze binary programs on modern operating systems. While the training will be mainly focused on Microsoft Windows programs, the skills taught are universal and usable on other IDA supported platform.

The following topics will be covered:

  • Feature oriented introduction to the IDA architecture:
    The training will focus on making the most of the core IDA
    disassembly features, its debugger and IDC to dissect modern
    real world malware such as MyDoom, Zotob and Warezov.
  • Binary program analysis in IDA: where to begin, how to proceed
    toward the goal
  • The binary level representation of modern programs and
    how malware abuses conventions through code
    obfuscation, code hiding, etc. Special techniques to handle
    obfuscated code.
  • Problems encountered during analysis and how to
    handle them.
  • Automating IDA: batch processing, scripts, plugins

Standard Course Outline:

  • IDA overview
  • Common executable file features
  • Debugger
  • IDC
  • IDA features
  • Memory organization
  • FLIRT
  • Type system
  • IDS files
  • Working with IDA
  • Creating the database: various information sources
  • Various views of the database
  • Navigation
  • Modifying the listing
  • Patching the program
  • With all this information, how do I start my analysis?
  • Working with high level data
  • Arrays
  • Structures
  • Enumerations and bitfields
  • Advanced operations
  • Offsets
  • Bulk operations
  • Special structure types
  • Function prototypes
  • Processor specific issues
  • Code obfuscation
  • Overview of obfuscation techniques
  • Countermeasures
  • Exercises with several real-world sample files

The training material has been updated to cover the latest additions to IDA.


Programming for IDA (2 days)



IDA – extending and building upon it

Who should attend:Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators

Prerequisites: IDA user skills, programming skills in C/C++ languages, solid reverse engineering experience

This training is intended for experienced IDA users who want to take advantage of its open architecture by extending and improving it. You will learn how to write modules to modify the listing, react to events, decrypt/uncompress data right in the database, and many other things. After the course you will have solid understanding of its concepts, classes, and programming interface.

We will implement several useful plugins. Be prepared to program a lot in this training!

The following topics will be covered:

  • IDA architecture overview
    • Modules
    • Memory representation
    • Database organization
  • SDK
    • Setting up
    • Processor module framework
    • Loader framework
    • Plugin framework
    • How to debug custom modules

  • IDA subsystems
    • Utils: i/o, custom stl, regex, misc
    • Database: netnodes and flags
    • Foundations: bytes, names, offsets, etc
    • Address range class: segments and functions
    • Accessing and using IDC
    • Cross-references
    • Functions
    • Events
    • Type information
    • Structures and enums
    • Debugger
    • User interface
    • Graphing
    • Decompiler framework
  • Plugin programming
    • General guidelines
    • Plugin samples/exercises
      • Colorizer
      • Object extractor
      • Debugger helper
      • Type information
      • Graph plugin
      • Processor extension
      • Reaction to events



testimonials icon


Testimonials

“Excellent training. Would recommend highly.”

“Great class to learn about the powerful features of IDA.”

“Very organized, excellent selection of exercises. They build on one another.”

“It was the best reverse engineering course I have ever attended.”

“Come prepared. A lot was covered. Learning environment was excellent. Staff are very professional. Learned & gained new skills.”

“It is a great course for not only using the tool, but for general understanding of binaries.”

“This class is indispensible to a beginning RE, make sure to brush up on assembly instructions and concepts.”

Go to top of page