X

Enroll your team

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Request Access

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Pre-register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

Read our new report: The portrait of modern InfoSec professional here

Advanced malware reverse engineering with Ghidra*

Built for Tier 3 threat hunters

Advanced

$1,800 inc. tax per learner

Advanced

$1,800 inc. tax per learner

Enroll my team
Request demo access

Background

As the digital realm continues to expand, the challenges associated with it grow as well. Enter Ghidra, a powerful tool that has become indispensable for InfoSec specialists. Whether you’re an individual looking to enhance your career prospects or a business striving to fortify its digital stronghold, Ghidra is the compass guiding you through the intricate terrain of malware analysis and reverse engineering.

Developed by experts at the Kaspersky Lab, the “Advanced Malware Reverse Engineering with Ghidra” course is your gateway to unlocking the full potential of this invaluable tool.

Created by luminaries in the field such as Igor Kuznetsov, Director of GReAT, and Kaspersky security researcher Georgy Kucherin, this course is designed to empower you with the skills and knowledge necessary to navigate the complex world of malware analysis.

The course is tailored to provide a robust foundation in Ghidra. Starting with mastering the basics of Ghidra, you’ll embark on a journey that de-mystifies the malware analysis workflow. Explore data types, structures, and external type definitions. Learn basic and advanced-level Ghidra scripting in Python and Java, find out how to identify run-time library code and much more.

Let’s embark on this transformative training course together, where understanding Ghidra isn’t just an achievement — it’s a strategic advantage.

Course leaders

Igor Kuznetsov

Director, Global Research & Analysis Team (GReAT)

Igor is the Director of the Global Research & Analysis Team (GReAT) at Kaspersky. His research focuses on investigating malware campaigns and employing reverse engineering techniques to understand advanced malware. His profound knowledge and skills have proven instrumental in understanding and countering complex cyber threats. He has more than 20 years of reverse engineering experience.

Georgy Kucherin

Security Researcher, Global Research & Analysis Team (GReAT)

Georgy Kucherin is a Security Researcher at Kaspersky’s renowned Global Research and Analysis Team. Georgy demonstrates an unwavering passion for unraveling the intricacies of complex malware and employing reverse engineering techniques to analyze and understand its inner workings. With a strong background in cybersecurity research, Georgy has contributed significantly to the field through his comprehensive investigations into advanced persistent threats (APTs) such as FinFisher, APT41, and Lazarus. Georgy actively shares his research findings at prominent conferences, including SAS, VirusBulletin, and other renowned gatherings, where his presentations captivate audiences and contribute to the collective knowledge of the cybersecurity community.

Overview & Objectives

  • Get familiarized with the process of setting up Ghidra and building its latest version from source code
  • Understand how to perform a typical malware analysis workflow with Ghidra
  • Gain a firm understanding of how to work with data types and structures in Ghidra
  • Be able to identify runtime library code with Ghidra
  • Learn how to use Ghidra’s disassembler and decompiler scripting capabilities to automate reverse engineering tasks
  • Understand how to extend Ghidra’s capabilities using the Eclipse IDE™ (Eclipse IDE is a trademark of Eclipse Foundation, Inc.)

Syllabus

Whos it for?

InfoSec professionals

Perfect for seasoned reverse engineers, incident responders, and digital forensics experts, this course takes your cybersecurity prowess to new heights through an advanced acquaintance with the Ghidra tool.

Cybersecurity consultancies

The course will empower your personnel with the mastery of Ghidra, enabling them to provide unparalleled cybersecurity solutions and deliver top-tier malware analysis services to clients.

Enterprises

Elevate your organization's cybersecurity and SOC teams. Upon completing the course, they'll become experts in conducting a comprehensive malware analysis using Ghidra, capable of uncovering actionable insights that bolster your organization's security framework and enhance incident response strategies.

How you'll learn

Guided video lectures

Dive into the Ghidra tool usage through the expert lectures that break down complex concepts into easily digestible segments.

Virtual Lab

Step into a secure virtual environment created specifically for the course, where you can apply your skills without risk.

Iterative learning 

Embrace a learning journey that adapts to your pace. Benefit from iterative exercises, quizzes and experts’ solutions that reinforce your understanding, ensuring mastery of each topic before moving forward.

Benefits

Access

6 months to complete your course

Language

Course delivered in English with English subtitles

Pace

Self guided learning that fits around your life

Access to Virtual lab

100 hours in browser based Virtual lab with hands on training

Learning environment

Browser based via desktop, mobile or tablet

Guided videos

40+ videos to guide you through the course

Certification of completion

PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)

*Ghidra is an open-source software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. Reference herein to any specific commerical product, process, or service by trade name, trademark, manufacturer, or otherwise, in this Software is used for informational purposes only and does not constitute any association or relationship with NSA or its products.