Executable and Linkable Format (ELF) Binary Analysis Workshop
When and where
Date and time
January 8, 2015 · 9am - January 9, 2015 · 5pm PST
Location
Impact Hub - Seattle, 220 Second Ave South, Seattle, WA 98104
Description
Overview
This is a 2-day instructor-led workshop by a pioneer in the field. It is specifically geared towards mastering the arcane art of ELF binary analysis. Today, Linux and UNIX-flavored operating systems are ubiquitous, and ELF is the most commonly used standard executable format. This training will cover the core fundamentals of the ELF format and explore facets including security, viruses, exploitation, reverse engineering, software protection and anti-tamper techniques. This is valuable for reverse engineers who want to gain deep insight into ELF binaries for malware analysis. It is also valuable for software engineers who want to understand how their software is attacked and how it can be protected. Over the course of two days, participants will take part in an in-depth and engaging discussion on ELF internals and complete various lab exercises that will have them on the road to becoming UNIX binary hackers. The training makes use of custom tools designed by the trainer, which come with source code available for further learning and modification.
This workshop is presented by Leviathan, taught by Ryan "elfmaster" O'Neill.
An example of Ryan's research can be found at http://www.leviathansecurity.com/white-papers/extending-the-elf-core-format-for-forensics-snapshots/
Duration
2 days from 9:00 AM to 5:00 PM
Course Outline
- Core concepts of the ELF
- ELF Reverse Engineering
- ELF Forensics Analysis
- ELF Virus Design
- ELF Binary Patching
- ELF Anti-forensics
Who Should Attend
Reverse Engineers
Individuals with existing programming and/or reverse engineering skills that are looking to greatly expand their knowledge of ELF/UNIX.
Software Engineers
Developers who are in the field of malware or virus detection and wish to enhance their support for ELF execution or linking in their code. Developers who wish to defend against the tools and techniques taught in the workshop.
Attendee Requirements
Attendees are expected to have a command of the C programming language, basic knowledge of x86 assembly, and comfort with the Linux command line. Attendees must bring a computer with an x86 32-bit Linux-based operating system installed.
Food
Attendees will be provided lunch and refreshments during the workshop.
About the organizer
Leviathan Security Group provides integrated Risk Management and Information Security solutions for our clients rather than patches, point fixes, or checking off little boxes with red ink pens. Our Fortune 100 clients and governments rely on us to understand and mitigate their business and technology risks. We help them take the next steps in their evolution and help them maintain their stellar reputations.
Leviathan was formed by the principals of @stake, Guardent, Symantec, and Foundstone when they decided to collaborate and combine their decades of information security experience and their expertise. As the company found success and continued to grow, we added research, education, and security strategy experts to expand our client offerings, training programs, and business structure.