Earners of this badge are able to reverse engineer user-mode malware in a Windows environment. They understand the capabilities and limitations of Windows user-mode and can use their knowledge to identify how API interactions work under the hood. In addition, they have a sound understanding of the Windows Portable Executable (PE) file format and Windows program loading architecture and can identify and deal with obfuscation and anti-analysis techniques employed by malware creators.

• Type Learning
• Level Advanced
• Time Days
• Cost Paid