Practical and Theoretical Reverse Engineering Course


Features of the Reverse Engineering Course:

  • 15 highly technical modules
  • All technical chapters include challenges with walkthroughs.
    • 10 applications to reverse engineer
  • All technical chapters include demostration videos.
    • 6 hours of video material
  • Attend from the comfort of your desktop or home
  • Successful completion leads to the prestigious eCRE certification
  • Learn about IA-32 CPU Architecture
  • Understand the importance of the Stack
  • Learn to distinguish different calling conventions
  • Analyse in depth the function calling/return steps
  • Learn about important Ring3 Windows Internal Structures
  • Learn different methods to locate the important algorithms
  • Understand and bypass Anti-Reversing techniques
  • Perform full manual unpacking on packed executables
Practical and Theoretical Reverse Engineering Course


Course description:

This fundamental course teaches you the theoretical and practical knowledge required to perform advanced reverse engineering of software on assembly level in third party software and/or malware.

Through a series of lessons, which also involve several challenges to be solved and to play with, you will be taught all the necessary skills to succeed as a professional reverse engineer (and not just acquire a superficial understanding of how to use reversing tools).

The training is based on Windows NT OS, since malware & vulnerability researchers as well as software pirates still mostly target this operating system.


During your advanced reverse engineering training you will learn several methods used to identify, isolate, and finally analyse the portions of any code which are of high interest. You also learn about the most common Windows APIs utilized for file, memory and registry manipulation by either software protections (such as packers) or malware.

Additionally, the training does also focus on several packers in order to give you as the student all the essential knowledge and understanding of manual unpacking. This is one of the most important parts of advanced reverse engineering.

On top of all these exciting topics, you will also get insights into the most common anti-reversing tricks, including different code obfuscation methods. Not only will you analyse their mechanisms, but also learn how these can be bypassed in order to successfully perform the reverse engineering process.


Who should take this course?

This advanced reverse engineering training course is highly practical, meaning you will learn things by yourself and not just listen to some instructors and watch. If you like the "learning-by-doing" approach, then this is for you. This is NOT a "learn - repeat - forget" type of training. The course guidance ensures that you will get all the necessary knowledge along the way.

The Advanced Reverse Engineering of Software training course is obviously one of the basics for the current or future malware researcher. If you are involved in any kind of software development, you will benefit from learning how pirates attempt to bypass your protection, and in turn be able to create more sophisticated and smart ways to keep pirates away as efficiently as possible.

This course definitely benefits you if you are a penetration tester, security analyst, antivirus researcher, software developer, software tester, malware researcher, government IT staff, computer forensics expert, IT security expert, mobile application developer, game developer, incident response team member, vulnerability researcher or a web application security expert among others.

Since reverse engineering is based on the complete understanding of computing architecture, this course serves as a great foundation for everyone working in IT positions. With this foundation you will understand even the most complex IT topics more easily.

Who should not take this course?

Sorry, but if you are looking to quickly memorize some theory which you can dump during an exam to get another certificate, this course is NOT for you.

If you are simply looking for user-manuals of reverse engineering tools in course format, then you won't be happy with this highly interactive training course either.



Incredibly In Depth and Practical


The course is mainly divided into two sections, a theoretical one and a practical one. These sections contain PDF documents which comprise the written part of the course, demonstration videos for the technical chapters as well as practical exercises. By combining all the mentioned material you can be sure that by the end of the course you will have acquired all the necessary knowledge and basic skills to proceed as a professional reverse engineer either in the area of malware analysis or even as an exploit writter.

Theoretical section:

The first four chapters aim to cover all the necessary theory that you will be constantly using throughout the rest of the course.

During these chapters we cover the basics of the IA-32 Architecture as well as other important concepts such as functions, stack frames, heaps, exceptions, important Ring3 Windows internal structures, PE file format, etc...

The knowledge that you will acquire through the first four chapters will help you understand better the technical issues that we will be dealing with during the technical section of the Reverse Engineering course.

Technical Section

The rest ten chapters (5-15) comprise the technical section of this course. During these chapters you will learn in practice how to locate the important algorithms and finally reverse engineer them. We will also see in practice the concepts mentioned during the theoretical section in order to appreciate their importance.

These chapters are highly technical and include practical exercises and demonstration videos.

You will be encouraged to go deep on more advanced concepts such as several Anti-Reversing techniques and various code obfuscation methods, which we will analyse together and we will teach you how to deal with them in practice. We did our best to offer to our students only practical and useful knowledge, avoiding things that have no practical value in a real life scenario.




How am I going to learn all this?
The fun way of course!!! Don't worry, eLearnSecurity courses are very interactive and addictive. During this training you will have to deal with several guided reversing challenges, so knowledge and fun is guaranteed. Just don't expect the outdated way of learning by reading pages and pages of theoretical methodologies.

Can I track my learning progress?
Or will I only find out during the exam if I actually learned something?
The answer to these questions is very simple. Your achievements will tell. Each practical chapter of the course has some cool Reversing Challenges associated with it. You will solve these together with us, while we explain you all the necessary concepts. Then you are free to practice as long as you want to on these experiments. If you can solve a challenge, you know that you learned and understood the concepts behind it properly.

Is there any final examination?
Yes. The final examination consists of two parts. The first part is a multiple choice quiz test. Once you have passed this you will proceed with the hands-on examination. During this second part of your exam you will have to solve a complex Reverse Engineering Challenge.

Will I get a certificate?
Once you passed the complete final examination, you are an "eLearnSecurity Certified Reverse Engineer" and will hold the eCRE certification. You can print your shiny new certificate directly or have it shipped to you internationally.





Kyriakos Economou has more than 7 years of experience in the field of Reverse Engineering in Windows OS systems, including the analysis of custom/commercial software protections,executable packers, and other third party algorithms.
He is also the owner of and the author of the A.R.F Project which maintains in his free time.
He was the author of several Reverse Engineering Challenges including those for Athcon 2011, 2012, and co-author for the challenge for Athcon 2013.
Apart from malware analysis and Anti-reversing techniques he is also interested into security research, exploit and custom tools development. He is currently working as a malware analyst in Portcullis Computer Security.



Become eCRE with eLearnSecurity's Reverse Engineering Course



The Full and Elite version of the Advanced Reverse Engineering of Software training course both include an exam/ certification voucher for you. This means that after completing the training course, you can take the exam and become eCRE certified (eLearnSecurity Certified Reverse Engineer).

The eCRE certification is very valuable for your professional portfolio, regardless if you are looking to advance your career in the IT Security field or offering services on your own as a freelancer. It proves that you have the hands-on skills of a reverse engineer. It will also improve your company’s reputation and ensure your IT staff is well educated.

Once you pass the exam, you have access to download your secure certificate for printing. You also have the option to have it printed and shipped to you. The certificate can be validated at any given time online.

The exam process is split into two parts.
First you need to pass part 1, a theoretical exam. Once that is done, you can proceed to part 2 - the practical hands-on challenge. Once you pass this, you are a "eLearnSecurity Certified Reverse Engineer".



During this training you will have to deal with several guided reversing exercises, so knowledge and fun is guaranteed. Just don't expect the outdated way of learning by reading pages and pages of theoretical methodologies.
The following is a list of the exercises for each module in the course.

# Lab Section
1 String References & Basic Patching Technical Part I
2 Exploring the stack Technical Part I
3 Algorithm Reversing Technical Part I
4 Windows Registry Manipulation Technical Part I
5 File Manipulation Technical Part I
6 Anti-Reversing Tricks I Technical Part II
7 Anti-Reversing Tricks II Technical Part II
8 Anti-Reversing Tricks III Technical Part II
9 Code Obfuscation Technical Part II
10 Analyzing Packers & Manual Unpacking Technical Part II




During this course we assume that you have a basic understanding of x86 assembly language, number bases (decimal,hex,binary), and that you are aware of fundamental programming concepts such as variables, loops, functions etc...

Having some experience with using Debuggers and Hex Editors will help you a lot during this course, even though it is not necessary since we explain how to achieve every task through the tools we use.

Keep in mind that this is not an Assembly language teaching course, so not much detail will be given in this context. However, we do explain in detail the instructions involved in the algorithms that we Reverse Engineer in the technical chapters.


I don't reach the Recommended skills required. What should I do?


If you don't meet the Minimum required skills you are entitled to enroll in our course at your own risk.
We will do our best to help you fill the skills gap pointing you towards the right direction.
Moreover our course comes with life-time access to course material so you can always refer to external books or references,
when you encounter difficulties during the course.


If you don't meet the Recommended required skills you should not worry.
You can still enroll in our course and eventually use the help of our private forum to clear your doubts.
Our instructors will be there to help you with any kind of question related to the course and even the background skills that you would require.


Need help determining your level?


Please contact us through live chat or our contact web form. One of our consultants will be available to help.





Read what our clients, Industry experts and Leading Information Security websites say about us...



I think if you are looking for Penetration Testing Training this is a great choice, even if you have no desire to take the certification you can learn a lot just by studying the modules and applying yourself.
If you are just starting out (still studying or a fresh grad) I think the course and the certification will definitely have a positive effect on your career... and certainly makes economic sense when comparing to attending real life 5-day courses. It goes into a lot more depth than other courses and can really benefit your skills. I wish there was something like this in 1999 when I was starting out. The way in which the material is presented is a lot more interactive and interesting than many other courses out there with a good mix of words, images and videos plus a good theory/practical mix too. This makes it a lot easier as many of the topics within info sec can get very dry very fast.

Shaolin Tiger, Founder of

eCPPT curriculum is definitely a valuable security training which permits both professionals and beginners to significantly improve or update their skills in a minimal amount of time.

Frédéric Bourla, Head of Ethical Hacking Department at High-Tech Bridge SA

I could not be what I am today if I did not know Mr Armando Romeo. Last 2 years I was a beginner, and I took eCPPT. This course opened up my horizon in penetration testing. Since then, my life has changed. I wish to express my gratitude to eLearnSecurity's staffs and especially to Mr Romeo for his help. You pave the way for me to enter the real security world.

Pornsook Kornkitichai, Security Engineer at Kasikorn Bank

I took the eCPPT course due to the lack of actual certifications that prove you have the skills required to attack and actually penetrate targets. Most certifications simply prove that you can take an exam and learn theory, but I was very pleased with the requirements to pass this course as it shows you have the practical skills as well.

Simon Earl, Director at IT Security Experts Ltd

This is what the CEH/LPT* should have been, and I am delighted to say that if students can master the topics and techniques in eLearnSecurity's Penetration Testing Pro, they should be well on their way to being an accomplished pentester

Jason Haddix, Penetration tester at HP and founder of

eLearnSecurity's training really dives deep into the underlying concepts beneath pentesting tools. Covered in the course are much deeper understandings of topics such as buffer overflows (which, while I already understood the concepts, Armando and his team went out of their way to come up with the best high-level to low-level explanations I've read on the topic, for newcomers and seasoned professionals alike), Network Security, and Web Application Security. The coverage of these topics, and the amount of time they allow the student to access them, really helps to enforce good learning, with extended opportunity and study time, for an exceptional value. For anyone who is budget constrained, I'd say, with total confidence, that the value of eLearnSecurity's training meets and / or exceeds the value of many other programs available, and if one truly desires to learn the technical aspects of IT Security, it's a certification course well-worth the time and investment.

Timothy E. Everson MCNE CDE CLE CCNA CEH, Novell Inc.

The mix of Video Tutorials, exercises and support from fellow students on the forum was fantastic. Anyone who wants to specialize in Web Penetration Testing, this course is a must to get you started. Thanks for your efforts in making this happen Armando

Denis Hancock, Manager Samurai at Consulting Pty Ltd

Having been in the security field for over 5 years I assumed this would be a quick and easy certification. After getting into the training course I was pleased to find that I was learning new things and that the course was certainly more challenging than I had anticipated. I found that it filled in several knowledge gaps when it comes to pentesting, and I would recommend this course to both veterans and newcomers to the security field.

Steven Collins

The learning experiences was amazing! I have learned so much in such a short time. Would recommend to any one (even the more experienced of us) to take that course. You wouldn't believe how much you can still learn!

Oded Brilon, StrikeForce Engineer at CSC Australia

Unbiased third party reviews that you can find online:



*Comparison with v6 of CEH curriculum




If you have questions that you don't find answered here please contact us.


What software/hardware requirements are there?

You need to have a PDF Reader.

In order to study the course you won't be forced to use any particular OS. However a Windows XP is recommended for the challenges.

An internet connection speed of at least 128Kbit/s. 256Kbit/s or higher is also recommended for a good video experience.



How do you provide support?

As soon as you enroll in one of our courses you are provided with access to private forum where you will find instructors and community managers available to help you 24/7. Response time is usually a matter of hours (sometimes minutes).

Support for billing, technical and exam-related questions is also provided through email, ticketing service and live chat.



How can I pay?

We accept all major credit cards, Paypal, Wire transfer, 2Checkout, MoneyBookers and purchase order.

MoneyGram or Western Union are NOT accepted.



Are there any hidden fee?

There are no hidden fees. If you are from a country where VAT is required, you have to add VAT to our ticket price. We are legally obligated to collect VAT on your behalf.

There is no software to buy or renewal fees to pay and you get lifetime access to acquired course materials.



What happens when there's a new update to the contents?

You have lifetime access to course material and we will include minor updates to the contents free of charge. Minor updates include: an addition of a new module, a new video, bug fixes, improvements to labs, addition of a small number of new labs.

A major upgrade occurs when there is more than one new module added or the contents added are a significant portion of the material you acquired.

When we issue a new major upgrade you can upgrade to the new version with a minor upgrade fee, or keep your current version. The upgrade fee will be established proportionally to the amount of new content added and according to the time elapsed between your enrollment and the release of the new content. Note: if you enroll today and we issue a new major release you will get the new release for free.

There is no published update schedule and we reserve the right to issue minor or major updates when we see the need.



Can I request a refund if contents are too difficult for me?

We only process refunds/chargebacks for fraudulent transactions.



What is the difference between subscription and full plans?

The only substantial difference between the two plans is that you can have your payment diluted through the subscription plan while nothing changes in terms of the content you receive.



If I choose to pay through the subscription plan, can I still get certified?

Yes, you will be given an eCRE voucher as soon as you get the entire material (on the 60th day from enrollment).

Your exam deadline will be counted starting from the day you are assigned the eCRE voucher.



Can I cancel my subscription?

You can cancel your subscription at any time.
As soon as you enroll you will receive 2 logins: one to access our course material and another to access your billing panel on our payment gateway Plimus. By using the Plimus login here you can manage your subscriptions.

Our subscription is meant to facilitate the payment for the course, not for you to receive sections of our course separately.
Once the subscription is completed, your access to the course material is unlimited.



If I choose to pay through the subscription plan, how much do I pay and when?

Under the Subscription plan, you will be billed depending on the chosen plan.

Every payment entitles you to receive a new section of our course. After the last billing cycle you will have full life-time access to all the course material and the eCRE voucher, depending on the chosen plan.


"Read this before signing up for any Penetration Testing Course"