This is a 2-day instructor-led workshop by a pioneer in the field. It is specifically geared towards mastering the arcane art of ELF binary analysis. Today, Linux and UNIX flavor OS's are ubiquitous and ELF is the most commonly used standard executable format. This training will cover the core fundamentals of the ELF format and explore facets including security, viruses, exploitation, reverse engineering, software protection and anti-tamper techniques. This is valuable for reverse engineers who want to gain deep insight into ELF binaries for malware analysis. This is also valuable for a software engineer who wants to understand how your software is attacked and how it can be protected. Over the course of two days, participants will participate in an in-depth and engaging discussion on ELF internals and complete various lab exercises that will have them on the road to becoming UNIX binary hackers. The training makes use of custom tools designed by the trainer, which come complete with source code availability for further learning and modification purposes.
This workshop is presented by Leviathan, taught by Ryan "elfmaster" O'Neill.
An example of Ryan's research can be found at http://www.leviathansecurity.com/white-papers/extending-the-elf-core-format-for-forensics-snapshots/
2 days from 9:00 AM to 5:00 PM
- Core concepts of the ELF
- ELF Reverse Engineering
- ELF Forensics Analysis
- ELF Virus Design
- ELF Binary Patching
- ELF Anti-forensics
Who Should Attend
Individuals with existing programming and/or reverse engineering skills that are looking to greatly expand their knowledge of ELF/UNIX.
Developers who are in the field of malware or virus detection and wish to enhance their support for ELF execution or linking in their code. Developers who wish to defend against the tools and techniques taught in the workshop.
Attendees are expected to have a command of the C programming language, basic knowledge of x86 assembly, and comfort with the Linux command line. Attendees must bring a computer with x86 32-bit Linux-based Operating System installed.
Attendees will be provided lunch and refreshments during the workshop.
When & Where
Leviathan Security Group
Leviathan Security Group provides integrated Risk Management and Information Security solutions for our clients rather than patches, point fixes, or checking off little boxes with red ink pens. Our fortune one-hundred clients and governments rely on us to understand and mitigate their business and technology risks. We help them take the next steps in their evolution and help them maintain their stellar reputations.
Leviathan was formed by the principals of @stake, Guardent, Symantec, and Foundstone when they decided to collaborate and combine their decades of information security experience and their expertise. As the company found success and continued to grow we added research, education, and security strategy experts to expand our client offerings, training programs, and business structure.