Trail of Bits is excited to announce new training offerings for automated reverse engineering with Binary Ninja.
- January 20-23, 2020 – New York City
We’ve been raving about Vector35’s Binary Ninja for years. We’ve used it to:
- Generate “exploits” for 2,000 unique binaries in DEFCON’s 2016 CTF qualifying round
- Implement the bizarre clemency architecture from DEFCON’s 2017 competition’
- Write an architecture-agnostic plugin that could devirtualize C++ virtual functions
- Demonstrate how Heartbleed can be accurately modeled in a binary
- Recover program control flow in McSema 2.0
- Implement Ethersplay, a disassembler for EVM bytecode
That work, and a whole lot of correspondence, has garnered high praise from an author of Binary Ninja:
Josh is without a doubt our most knowledgeable Binary Ninja user. We pay attention very closely to any of his feedback and we couldn’t think of a better third-party instructor to teach about how to use Binary Ninja to solve reverse engineering problems.
– Jordan Wiens, Co-Founder, Vector35
If you’re doing any amount of manual reverse engineering, you really should consider learning to use Binary Ninja. Its API is much clearer than its competitors. There’s more documentation on it as well as lots of examples. You can find what you need quickly.
Binary Ninja is a much more modern design than other binary analysis tools. Vector35 built it from the ground up with the intention to continue to innovate on top of it, and avoid handcuffing themselves with past design choices. They’re constantly adding more new features and better analysis, which is exposed to allow you to write plugins on top of it and create your own tooling.
It’s much easier to automate things as well. Because of those analyses that are baked in, you don’t have to implement them yourself. Everything is lifted to an architecture-agnostic language, so that you can perform the same analysis on any language that Binary Ninja can disassemble. If you write your own architecture plugin and implement the lifter using the API, you get all of that analysis for free immediately.
If that weren’t enough to get your attention, Binary Ninja is significantly less expensive than its major competitors.
Master Binary Ninja with Help from Industry Experts
You could learn Binary Ninja by yourself. Vector35 has done a great job publishing helpful materials, managing a healthy Slack community, and giving informative presentations.
However, if you can’t bill for hours spent studying, consider our modular trainings. They can be organized to suit your company’s needs. You choose the number of skills and days to spend honing them. Here’s what you can learn and accomplish:
- Reverse Engineering with Binary Ninja (1 day)
By the end of this one-day module, you will be able to reverse engineer software and automate simple tasks, and you’ll be ready to dive into the primary module, Automated Reverse Engineering.
- Automated Reverse Engineering with Binary Ninja (2 days)
Take your reverse engineering skills to the next level. This two-day training module dives deeper into the Python API. By the end of the module, you will be able to automate common analysis tasks, as well as extend Binary Ninja’s built-in functionality with plugins.
- Automated Malware Analysis with Binary Ninja (2 days)
Building on the Automated Reverse Engineering module, this two-day module provides a toolbox for tackling the advanced techniques that malware uses to hide or obscure its functionality. By the end of the module, you will be able to write plugins that detect and deobfuscate strings and control flow to make sense of a binary’s functionality, as well as scripting detection routines to identify malicious behavior for batch processing.
- Automated Vulnerability Research with Binary Ninja (2 days)
Adding to the Automated Reverse Engineering module, this two-day module gives you the tools to automate bug-hunting tasks in binary applications, then write exploit payloads in C with Binary Ninja. Exercises are provided as a friendly Capture-the-Flag format.
- Custom Loaders and Architectures (1 day)
This one-day module trains you to expand Binary Ninja’s support for new file types and architectures. You will also learn how to extend existing architecture plugins. At the end of the module, you will be able to reverse engineer an instruction set, and implement disassemblers, lifters, and loader plugins.
- Extending Binary Ninja with the C++ API (1 day)
This one-day module demonstrates the differences between the various APIs and how to write effective Binary Ninja plugins in C++. At the end of the module, you will be able to develop standalone applications that interface with Binary Ninja’s core.
Download a PDF containing all of these modules’ descriptions.
Empower Your Analysts to do More
Reverse engineering offers tremendous potential, but if you do it manually, you’re wasting a lot of time and intelligence. Automate your reverse engineering with Binary Ninja, and accelerate your capabilities with our training modules.