REcon 2025 - Training Announcement
Reversing Modern Binaries: Practical Rust & Go Analysis Training
Dive into the world of Rust and Golang reverse engineering at ReCon 2025! Join Daniel Frederic and Mathieu Hoste for this exclusive 4-day training. You will learn how to analyze binaries, tackle obfuscation, and reverse-engineer malware written in two of the most popular modern programming languages.
Overview
This 4-day training provides a focused and practical approach to reverse engineering Rust and Golang binaries, two modern programming languages increasingly used in software and malware development. The course begins with a strong foundation in each language’s structure, compilation process, and runtime behavior. Using tools like Ghidra, Radare2, GDB, and LLDB, participants will explore how to analyze data structures, navigate control flows, and decode memory management intricacies, all tailored to the unique features of Rust and Go.
As the training progresses, attendees will dive into advanced topics such as handling stripped binaries, understanding obfuscation techniques, and analyzing real-world malware samples. Emphasis is placed on practical exercises, including debugging binaries, writing YARA rules for detection, and approaching challenges like Goroutines and API hooking. The course concludes with a capstone project, combining advanced analysis techniques to tackle realistic reverse engineering scenarios. By the end of the training, participants will have a well-rounded understanding of Rust and Go reverse engineering, applicable to both security research and malware analysis.
23rd-26th of June 2025
ReCon (Montreal, Canada)
4 days
Beginner
Daniel Frederic & Mathieu Hoste
$5500 (before May 1st) - $6000
25 participants
Schedule
Day 1
- Module 1: Introduction to Rust and Reverse Engineering
- Module 2: Rust Compilation and Runtime
- Module 3: Analyzing Rust Structures and Control Flow
Day 2
- Module 4: Tools and Techniques for Rust Reverse Engineering
- Module 5: Advanced Reverse Engineering and Obfuscation Techniques
- Module 6: Advanced Malware Reverse Engineering Techniques in Rust
- Module 7: Rust Malware Analysis
Day 3
- Module 8: Introduction to Golang and Reverse Engineering
- Module 9: Basics of Golang Reversing
- Module 10: Analyzing Go Structures and Control Flow
Day 4
- Module 11: Advanced Go Reversing Techniques
- Module 12: Go Malware Analysis
- Module 13: Capstone Project and Conclusion
Your Instructors
Daniel Frederic
Daniel Frederic is a security researcher at Fuzzinglabs and the current head of the CTF team at LSE. Originally a kernel and low-level developer with a passion for reverse engineering, he merges these interests by focusing on low-level targets. His research primarily involves developing low-level fuzzing tools through in-depth exploration of often obscure targets.
Mathieu Hoste
Mathieu Hoste is a security engineer at FuzzingLabs, he is a cybersecurity enthusiast who began his journey in reverse engineering and especially Rust. Over time, his passion led him to specialize in blockchain vulnerability research. At FuzzingLabs, he focuses on uncovering critical flaws in Ethereum using advanced fuzzing techniques to improve the security of the blockchain ecosystem.
Topics Covered
Day 1: Rust Reverse Engineering – Fundamentals and Tooling
Module 1: Introduction to Rust and Reverse Engineering
- History, philosophy, and features of Rust
- Why attackers use Rust for malware development
- Fundamentals of reverse engineering
- Setting up the reverse engineering environment (Ghidra, GDB, LLDB, Radare2)
Module 2: Rust Compilation and Runtime
- Compilation process: From source code to machine code (LLVM/MIR)
- Rust runtime (Linux and Windows)
- Rust’s calling conventions, memory management, symbol mangling/demangling
Module 3: Analyzing Rust Structures and Control Flow
- Understanding data structures (Option, Result enums, slices, structs)
- Analyzing control flow: Functions, methods, loops, conditionals
- Exercise: Reverse engineering a simple Rust program
Day 2: Advanced Rust Reversing and Malware Analysis
Module 4: Tools and Techniques for Rust Reverse Engineering
- Configuring Ghidra for Rust binaries
- Debugging with GDB/GEF and LLDB
- Practical exercises with Rust debugging and analysis
Module 5: Advanced Reverse Engineering and Obfuscation Techniques
- Tackling stripped binaries: Symbol recovery and function inlining
- Handling obfuscation techniques: String obfuscation, anti-debugging
- Exercise: Reverse engineering an obfuscated Rust binary
Module 6: Advanced Malware Reverse Engineering Techniques in Rust
- Analyzing process hollowing, API hooking, and DLL injection in Rust malware
- Understanding loader injection and packers in Rust binaries
- Practical exercises with Rust malware samples
Module 7: Rust Malware Analysis
- Case studies (e.g., Luca Stealer)
- Writing YARA rules for Rust binaries
- Exercise: Analyzing a Rust malware sample and crafting YARA rules
Day 3: Golang Reverse Engineering – Fundamentals and Tooling
Module 8: Introduction to Golang and Reverse Engineering
- Overview of Go language and its features
- Why attackers use Go for malware development
- Go compilation (go build, go install) and runtime basics
- Exercise: Reversing a simple Go binary
Module 9: Basics of Golang Reversing
- Challenges in reversing Go binaries
- Tools for Go analysis: Ghidra, Radare2, GDB, and IDA Pro
- Go runtime analysis: Common runtime functions, calling conventions
- Analyzing Go binary sections and basic structures (int, string, slice, map)
- Exercise: Analyzing a Go binary with basic structures
Module 10: Analyzing Go Structures and Control Flow
- Go structs and interfaces
- Understanding control flow in Go: Functions, methods, loops, and error handling
- Exercise: Reverse engineering a Go program
Day 4: Advanced Golang Reversing and Malware Analysis
Module 11: Advanced Go Reversing Techniques
- Challenges with stripped Go binaries
- Advanced Go features: Goroutines, channels, synchronization (wait groups, mutex)
- Analyzing Go’s memory management and reflection
- Exercise: Reversing a Go binary with advanced features
Module 12: Go Malware Analysis
- Case studies of Go-based malware
- Writing YARA rules for Go binaries
- Exercise: Reversing Go malware and crafting YARA rules
Module 13: Capstone Project and Conclusion
- Reverse engineering a complex Go application
- Guided capstone project combining advanced techniques from both Rust and Go
- Review of core concepts and open Q&A session
- Additional resources for further learning
Prerequisites and requirements
PREREQUISITES
- Basic knowledge of Rust and Go programming.
- Familiarity with reverse engineering concepts and assembly language.
- Familiarity with scripting (Python, Bash) and Linux.
HARDWARE REQUIREMENTS
- A working laptop capable of running virtual machines
- 8GB RAM required, at a minimum
- 40 GB free Hard disk space
- Administrator / root access MANDATORY
SOFTWARE REQUIREMENTS
- VirtualBox installed with guest addition
- IDA Pro and/or Binary Ninja would be helpful but not required
About Us
Founded in 2021 and headquartered in Paris, FuzzingLabs is a cybersecurity startup specializing in vulnerability research, fuzzing, and blockchain security. We combine cutting-edge research with hands-on expertise to secure some of the most critical components in the blockchain ecosystem.
Contact us for an audit or long term partnership!
