PoC 2025 – Reversing Modern Binaries: Practical Rust & Go Analysis On-site Training
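The three-day training at ReCon 2025, taught by Daniel Frederic and Nabih Benazzouz, focuses on reverse engineering analysis of Rust and Golang, covering binary analysis, handling of obfuscation techniques, and malware reverse engineering. It is suited to professionals with basic programming and reverse engineering knowledge.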
2025-6-23 09:33:59
Author: fuzzinglabs.com
Reversing Modern Binaries: Practical Rust & Go Analysis Training
Dive into the world of Rust and Golang reverse engineering at ReCon 2025! Join Daniel Frederic and Nabih Benazzouz for this exclusive 3-day training. You will learn how to analyze binaries, tackle obfuscation, and reverse-engineer malware written in two of the most popular modern programming languages.
This 4-day training provides a focused and practical approach to reverse engineering Rust and Golang binaries, two modern programming languages increasingly used in software and malware development. The course begins with a strong foundation in each language’s structure, compilation process, and runtime behavior. Using tools like Ghidra, Radare2, GDB, and LLDB, participants will explore how to analyze data structures, navigate control flows, and decode memory management intricacies, all tailored to the unique features of Rust and Go.
As the training progresses, attendees will dive into advanced topics such as handling stripped binaries, understanding obfuscation techniques, and analyzing real-world malware samples. Emphasis is placed on practical exercises, including debugging binaries, writing YARA rules for detection, and approaching challenges like Goroutines and API hooking. The course concludes with a capstone project, combining advanced analysis techniques to tackle realistic reverse engineering scenarios. By the end of the training, participants will have a well-rounded understanding of Rust and Go reverse engineering, applicable to both security research and malware analysis.
10th-12th of November 2025
Daniel Frederic & Nabih Benazzouz
$3300 (before June 30th) - $3500
Day 1 & 2
Module 1: Introduction to Rust and Reverse Engineering
Module 2: Rust Compilation and Runtime
Module 3: Analyzing Rust Structures and Control Flow
Module 4: Tools and Techniques for Rust Reverse Engineering
Module 5: Advanced Reverse Engineering and Obfuscation Techniques
Module 6: Advanced Malware Reverse Engineering Techniques in Rust
Module 7: Rust Malware Analysis
Day 2 & 3
Module 8: Introduction to Golang and Reverse Engineering
Module 9: Basics of Golang Reversing
Module 10: Analyzing Go Structures and Control Flow
Module 11: Advanced Go Reversing Techniques
Module 12: Go Malware Analysis
Module 13: Capstone Project and Conclusion
Daniel Frederic
Daniel Frederic is a security researcher at Fuzzinglabs and the current head of the CTF team at LSE. Originally a kernel and low-level developer with a passion for reverse engineering, he merges these interests by focusing on low-level targets. His research primarily involves developing low-level fuzzing tools through in-depth exploration of often obscure targets.
Nabih Benazzouz
Nabih Benazzouz is a cybersecurity expert and system enthusiast with a robust background in vulnerability research, fuzzing, and secure system development. A graduate of EPITA with a major in Systems, Networks, and Security, Nabih has honed his skills through a series of R&D roles at FuzzingLabs and projects like kernel development and advanced fuzzing techniques. With a knack for tools like Ghidra, Binary Ninja, and Honggfuzz, he has a strong command of reverse engineering and system administration. Fluent in Arabic, French, and English, he combines technical excellence with a dedication to cutting-edge innovation.
Chapter 1: Rust Reverse Engineering – Fundamentals and Tooling
Module 1: Introduction to Rust and Reverse Engineering
History, philosophy, and features of Rust
Why attackers use Rust for malware development
Fundamentals of reverse engineering
Setting up the reverse engineering environment (Ghidra, GDB, LLDB, Radare2)
Module 2: Rust Compilation and Runtime
Compilation process: From source code to machine code (LLVM/MIR)
Rust runtime (Linux and Windows)
Rust’s calling conventions, memory management, symbol mangling/demangling
Module 3: Analyzing Rust Structures and Control Flow
Understanding data structures (Option, Result enums, slices, structs)
Analyzing control flow: Functions, methods, loops, conditionals
Exercise: Reverse engineering a simple Rust program
Chapter 2: Advanced Rust Reversing and Malware Analysis
Module 4: Tools and Techniques for Rust Reverse Engineering
Configuring Ghidra for Rust binaries
Debugging with GDB/GEF and LLDB
Practical exercises with Rust debugging and analysis
Module 5: Advanced Reverse Engineering and Obfuscation Techniques
Tackling stripped binaries: Symbol recovery and function inlining
Exercise: Reverse engineering an obfuscated Rust binary
Module 6: Advanced Malware Reverse Engineering Techniques in Rust
Analyzing process hollowing, API hooking, and DLL injection in Rust malware
Understanding loader injection and packers in Rust binaries
Practical exercises with Rust malware samples
Module 7: Rust Malware Analysis
Case studies (e.g., Luca Stealer)
Writing YARA rules for Rust binaries
Exercise: Analyzing a Rust malware sample and crafting YARA rules
Chapter 3: Golang Reverse Engineering – Fundamentals and Tooling
Module 8: Introduction to Golang and Reverse Engineering
Overview of Go language and its features
Why attackers use Go for malware development
Go compilation (go build, go install) and runtime basics
Exercise: Reversing a simple Go binary
Module 9: Basics of Golang Reversing
Challenges in reversing Go binaries
Tools for Go analysis: Ghidra, Radare2, GDB, and IDA Pro
Go runtime analysis: Common runtime functions, calling conventions
Analyzing Go binary sections and basic structures (int, string, slice, map)
Exercise: Analyzing a Go binary with basic structures
Module 10: Analyzing Go Structures and Control Flow
Go structs and interfaces
Understanding control flow in Go: Functions, methods, loops, and error handling
Exercise: Reverse engineering a Go program
Chapter 4: Advanced Golang Reversing and Malware Analysis
Module 11: Advanced Go Reversing Techniques
Challenges with stripped Go binaries
Advanced Go features: Goroutines, channels, synchronization (wait groups, mutex)
Analyzing Go’s memory management and reflection
Exercise: Reversing a Go binary with advanced features
Module 12: Go Malware Analysis
Case studies of Go-based malware
Writing YARA rules for Go binaries
Exercise: Reversing Go malware and crafting YARA rules
Module 13: Capstone Project and Conclusion
Reverse engineering a complex Go application
Guided capstone project combining advanced techniques from both Rust and Go
Review of core concepts and open Q&A session
Additional resources for further learning
Prerequisites and requirements
PREREQUISITES
Basic knowledge of Rust and Go programming.
Familiarity with reverse engineering concepts and assembly language.
Familiarity with scripting (Python, Bash) and Linux.
HARDWARE REQUIREMENTS
A working laptop capable of running virtual machines
8GB RAM required, at a minimum
40 GB free hard disk space
Administrator / root access MANDATORY
SOFTWARE REQUIREMENTS
VirtualBox installed with Guest Additions
IDA Pro and/or Binary Ninja would be helpful but not required
Founded in 2021 and headquartered in Paris, FuzzingLabs is a cybersecurity startup specializing in vulnerability research, fuzzing, and blockchain security. We combine cutting-edge research with hands-on expertise to secure some of the most critical components in the blockchain ecosystem.