New dates/times TBD
Learn disassembly, execution history reconstruction, and binary reversing techniques for better software diagnostics, troubleshooting, debugging, memory forensics, vulnerability and malware analysis on x64 and ARM64 Linux platforms. The course uses a unique and innovative pattern language approach to speed up the learning curve. The training consists of practical step-by-step, hands-on exercises using WinDbg and Linux core memory dumps. Covered more than 25 ADDR patterns originally introduced for the x64 Windows platform, and many concepts are illustrated with Memory Cell Diagrams. The training also features additional diagrams adapted from Linux Practical Foundations books to WinDbg context.
Selected slides of the previous Windows-based training
Prerequisites: Working knowledge of C and C++. Operating system internals and assembly language concepts are explained when necessary.
Audience: Software technical support and escalation engineers who analyze core dumps from complex software environments and need to go deeper in their analysis of abnormal and malicious software structure and behavior. The course is also useful for software engineers, quality assurance and software maintenance engineers who debug software running on diverse cloud and endpoint computer environments, SRE and DevSecOps, security and vulnerability researchers, malware and memory forensics analysts who have never used WinDbg for analysis of computer memory.
The training consists of 3 two-hour sessions. Before the training, you get:
- Access to Software Diagnostics Library
After the training, you also get:
- The PDF book version of the training
- Personalized Certificate of Attendance with unique CID
- Optional Personalized Certificate of Completion with unique CID (after the tests)
- Answers to questions during training sessions