Overview
This course aims to teach learners how to utilize dynamic binary instrumentation (DBI) to unpack and analyze obfuscated Windows executable malware samples efficiently. By exploring the functionality of a DBI framework, students will learn how to extract and reconstruct the original program from a packed version, speeding up the analysis process. The course covers designing a generic unpacking algorithm to detect common behaviors of packers and defeat popular packing techniques, including Import Address Table (IAT) obfuscation. Through practical experiments, students will validate the effectiveness of the unpacking process against various packers and malware samples. The intended audience for this course includes cybersecurity professionals, malware analysts, and individuals interested in reverse engineering and cybersecurity research.
Syllabus
Pindemonium: A DBI-Based Generic Unpacker for Windows Executable
Taught by
Black Hat