Ghidra – Malware analysis from NSA
Teach security professionals to leverage Ghidra for reverse engineering, automate malware analysis workflows, and identify vulnerabilities in binaries.
Audience: Security champions / Software developers / Project managers
Duration: 3 days
Format: Lectures and hands-on labs (50 % lecture, 50 % lab)
Overview
Ghidra is the NSA’s open-source software-reverse-engineering framework. This course teaches developers to analyze compiled code, automate tasks, and extend Ghidra for vulnerability research and malware analysis.
What You Will Learn
- Install & explore Ghidra on Linux/Windows/macOS
- Automate reverse-engineering with Ghidra scripts & plug-ins
- Set up environments for malware analysis & headless mode
- Identify memory-corruption vulnerabilities via scripting
- Develop extensions, GUIs, new binary/processor modules
- Contribute to the Ghidra community and integrate advanced tools (SMT, Z3, Angr)
Course Details
Prerequisites: Knowledge of Java or Python; experience developing software
Setup: Local development environment (cloud option available)
Detailed Outline
- History
- User-perspective program
- Ghidra scripts
- Script development
- Environment setup
- Debugging Ghidra
- Developing & installing extensions
- Real-world sample
- Shellcode analysis
- Batch malware analysis
- Memory-corruption discovery
- PCode
- SLEIGH
- SMT solvers, Z3, symbex, Angr