Low level assembly programming, identify common techniques and approaches for basic reverse engineering, disassembler and debugger aided debugging, reverse engineering high level languages, identifying and defeating anti-disassembly techniques, anti-debugging techniques, code obfuscation.Windows PE file format overview, Windows API & COM overview, Malware persistence mechanisms (Registry by means of service, Trojans, DLL load order hijacking), user-mode rootkits, Privilege elevation mechanisms used by malwares, Malware execution(DLL injection, Process replacement, using Hooks and APC), Malware data encoding (common ciphers, custom encodings, Anti-analysis tricks used by malwares(Anti- disassembly, anti-debugging), Packers YARA rules, Analysing malwares.

1. Michael Sikorski and Andrew Honig, “ Practical Malware Analysis”, No Starch Press,2012

2. Bruce Dang, AlexandreGazet, Elias Bachaalany and SebastienJosse, Practical Reverse Engineering, First Edition, Wiley Publishers, 2014.

3. EldadEilam, Reversing: Secrets of Reverse Engineering, Wiley Publishers, 2005.

• CO1: Understanding how to pick apart obfuscated systems systematically to understand their inner workings using reverse engineering techniques (PSO2)
• CO2: Learn how to detect malicious programs and classify them from benign programs and how malicious programs try to evade detection(PSO1,PSO2)
• CO3: Learn how to analyze and detect techniques used by malicious programs for activities such as persistence, data exfiltration etc(PSO1,PSO3,PSO4)
• CO4: Understand how to analyze and defeat techniques used by programs such as anti debugging and anti disassembly to make their analysis (static/dynamic) harder (PSO4,PSO2,PSO1)