We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and Close

Contact us

Ask a question?

If you want to know anything about the course, we’re here to help.



Reverse Engineering
with Ghidra

2 day expert led training (25 seats only)

24th & 25th November, 11am - 4pm UTC (14.00-19.00 MSK)

This bootcamp is a unique opportunity for established reverse engineers, security researchers and malware analysts seeking to upgrade their skills, to join a Kaspersky GReAT expert to learn the advantages of using Ghidra - setting up the environment, working with structures, data types, automating routine tasks, and more.

The bootcamp main event will be a live reversing session of a metasploit stager shellcode and a showcase sample of the Calypso APT. Participants will also be able to follow Igor’s steps and tinker with real-life samples in their own fully secured pre-configured virtual labs.

On the first day of the bootcamp, we will walk you through Ghidra’s toolset, set up the environment and use Ghidra to analyze a metasploit stager shellcode. This will include using built-in datatypes, importing auxiliary headers, getting familiar with both the disassembly listing and the decompiler.

Day two will see exploration of Ghidra scripting in both Java and Python to restore API functions by hashes, and then reconstruct and use custom data structures while reversing a Calypso APT sample.


Practice on real-life malware

Participants ‘learn by doing’, using the hands-on virtual lab to work on targeted malware samples used in the wild by powerful APT and e-crime actors.

Master advanced tools and techniques

You will practice reconstructing C++ classes and data structures, developing custom decryption scripts, and get acquainted with the Ghidra infrastructure for effective malware reversing.

Learn with the best

Analyze malware samples thoroughly under the guidance of a Kaspersky GReAT expert.

All Levels



$750 inc. tax per attendee (credit card payments only)

Join the bootcamp to learn about:

  • Setting up the environment
  • Switching from IDA to Ghidra
  • Structures
  • Data types
  • Filling in the missing information
  • Automating: basic Python & Java scripting
  • Typical analysis workflow
  • Resolving API hashes using Ghidra scripting

Your training instructor

Igor Kuznetsov

Igor Kuznetsov,

Chief Security Researcher

Igor is the Chief Security Researcher in the Global Research & Analysis Team (GReAT) at Kaspersky, and has more than 20 years of reverse engineering experience.

Igor specializes in investigating malware campaigns and reverse engineering advanced malware. His areas of expertise include cyber espionage and highly targeted attacks, advanced threat actors and APTs; cyber warfare, cyber weapons such as Stuxnet, Duqu, Flame, Gauss; ATM security. Igor regularly provides training sessions on advanced malware analysis.


$750 inc. tax per attendee (credit card payments only)