Recon 2025 – Reversing Modern Binaries: Practical Rust & Go Analysis On-site Training
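This article introduces a 4-day training course at ReCon 2025, "Reversing Modern Binaries: Practical Rust & Go Analysis Training". Taught by Daniel Frederic and Mathieu Hoste, the course teaches participants how to analyze binaries written in Rust and Golang, deal with obfuscation techniques, and reverse-engineer malware. It covers basic to advanced techniques and includes hands-on practice with real-world cases. The fee is $5500 (early-bird price) to $6000. 2025-2-13 14:54:17 Author: fuzzinglabs.com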

Reversing Modern Binaries: Practical Rust & Go Analysis Training

Dive into the world of Rust and Golang reverse engineering at ReCon 2025! Join Daniel Frederic and Mathieu Hoste for this exclusive 4-day training. You will learn how to analyze binaries, tackle obfuscation, and reverse-engineer malware written in two of the most popular modern programming languages.

This 4-day training provides a focused and practical approach to reverse engineering Rust and Golang binaries, two modern programming languages increasingly used in software and malware development. The course begins with a strong foundation in each language’s structure, compilation process, and runtime behavior. Using tools like Ghidra, Radare2, GDB, and LLDB, participants will explore how to analyze data structures, navigate control flows, and decode memory management intricacies, all tailored to the unique features of Rust and Go.

As the training progresses, attendees will dive into advanced topics such as handling stripped binaries, understanding obfuscation techniques, and analyzing real-world malware samples. Emphasis is placed on practical exercises, including debugging binaries, writing YARA rules for detection, and approaching challenges like Goroutines and API hooking. The course concludes with a capstone project, combining advanced analysis techniques to tackle realistic reverse engineering scenarios. By the end of the training, participants will have a well-rounded understanding of Rust and Go reverse engineering, applicable to both security research and malware analysis.

Daniel Frederic & Mathieu Hoste

$5500 (before May 1st) - $6000

Day 1

  • Module 1: Introduction to Rust and Reverse Engineering
  • Module 2: Rust Compilation and Runtime
  • Module 3: Analyzing Rust Structures and Control Flow

Day 2

  • Module 4: Tools and Techniques for Rust Reverse Engineering
  • Module 5: Advanced Reverse Engineering and Obfuscation Techniques
  • Module 6: Advanced Malware Reverse Engineering Techniques in Rust
  • Module 7: Rust Malware Analysis

Day 3

  • Module 8: Introduction to Golang and Reverse Engineering
  • Module 9: Basics of Golang Reversing
  • Module 10: Analyzing Go Structures and Control Flow

Day 4

  • Module 11: Advanced Go Reversing Techniques
  • Module 12: Go Malware Analysis
  • Module 13: Capstone Project and Conclusion

Daniel Frederic

Daniel Frederic is a security researcher at FuzzingLabs and the current head of the CTF team at LSE. Originally a kernel and low-level developer with a passion for reverse engineering, he merges these interests by focusing on low-level targets. His research primarily involves developing low-level fuzzing tools through in-depth exploration of often obscure targets.

Mathieu Hoste

Mathieu Hoste is a security engineer at FuzzingLabs and a cybersecurity enthusiast who began his journey in reverse engineering, especially Rust. Over time, his passion led him to specialize in blockchain vulnerability research. At FuzzingLabs, he focuses on uncovering critical flaws in Ethereum using advanced fuzzing techniques to improve the security of the blockchain ecosystem.

Day 1: Rust Reverse Engineering – Fundamentals and Tooling

Module 1: Introduction to Rust and Reverse Engineering

  • History, philosophy, and features of Rust
  • Why attackers use Rust for malware development
  • Fundamentals of reverse engineering
  • Setting up the reverse engineering environment (Ghidra, GDB, LLDB, Radare2)

Module 2: Rust Compilation and Runtime

  • Compilation process: From source code to machine code (LLVM/MIR)
  • Rust runtime (Linux and Windows)
  • Rust’s calling conventions, memory management, symbol mangling/demangling

Module 3: Analyzing Rust Structures and Control Flow

  • Understanding data structures (Option, Result enums, slices, structs)
  • Analyzing control flow: Functions, methods, loops, conditionals
  • Exercise: Reverse engineering a simple Rust program

Day 2: Advanced Rust Reversing and Malware Analysis

Module 4: Tools and Techniques for Rust Reverse Engineering

  • Configuring Ghidra for Rust binaries
  • Debugging with GDB/GEF and LLDB
  • Practical exercises with Rust debugging and analysis

Module 5: Advanced Reverse Engineering and Obfuscation Techniques

  • Tackling stripped binaries: Symbol recovery and function inlining
  • Handling obfuscation techniques: String obfuscation, anti-debugging
  • Exercise: Reverse engineering an obfuscated Rust binary

Module 6: Advanced Malware Reverse Engineering Techniques in Rust

  • Analyzing process hollowing, API hooking, and DLL injection in Rust malware
  • Understanding loader injection and packers in Rust binaries
  • Practical exercises with Rust malware samples

Module 7: Rust Malware Analysis

  • Case studies (e.g., Luca Stealer)
  • Writing YARA rules for Rust binaries
  • Exercise: Analyzing a Rust malware sample and crafting YARA rules

Day 3: Golang Reverse Engineering – Fundamentals and Tooling

Module 8: Introduction to Golang and Reverse Engineering

  • Overview of Go language and its features
  • Why attackers use Go for malware development
  • Go compilation (go build, go install) and runtime basics
  • Exercise: Reversing a simple Go binary

Module 9: Basics of Golang Reversing

  • Challenges in reversing Go binaries
  • Tools for Go analysis: Ghidra, Radare2, GDB, and IDA Pro
  • Go runtime analysis: Common runtime functions, calling conventions
  • Analyzing Go binary sections and basic structures (int, string, slice, map)
  • Exercise: Analyzing a Go binary with basic structures

Module 10: Analyzing Go Structures and Control Flow

  • Go structs and interfaces
  • Understanding control flow in Go: Functions, methods, loops, and error handling
  • Exercise: Reverse engineering a Go program

Day 4: Advanced Golang Reversing and Malware Analysis

Module 11: Advanced Go Reversing Techniques

  • Challenges with stripped Go binaries
  • Advanced Go features: Goroutines, channels, synchronization (wait groups, mutex)
  • Analyzing Go’s memory management and reflection
  • Exercise: Reversing a Go binary with advanced features

Module 12: Go Malware Analysis

  • Case studies of Go-based malware
  • Writing YARA rules for Go binaries
  • Exercise: Reversing Go malware and crafting YARA rules

Module 13: Capstone Project and Conclusion

  • Reverse engineering a complex Go application
  • Guided capstone project combining advanced techniques from both Rust and Go
  • Review of core concepts and open Q&A session
  • Additional resources for further learning

Prerequisites and requirements

PREREQUISITES

  • Basic knowledge of Rust and Go programming.
  • Familiarity with reverse engineering concepts and assembly language.
  • Familiarity with scripting (Python, Bash) and Linux.

HARDWARE REQUIREMENTS

  • A working laptop capable of running virtual machines
  • 8GB RAM required, at a minimum
  • 40 GB free hard disk space
  • Administrator / root access MANDATORY

SOFTWARE REQUIREMENTS

  • VirtualBox installed with Guest Additions
  • IDA Pro and/or Binary Ninja would be helpful but not required

Founded in 2021 and headquartered in Paris, FuzzingLabs is a cybersecurity startup specializing in vulnerability research, fuzzing, and blockchain security. We combine cutting-edge research with hands-on expertise to secure some of the most critical components in the blockchain ecosystem.

Source: https://fuzzinglabs.com/recon-2025-reversing-modern-binaries-practical-rust-go-analysis-on-site-training/