RE//verse 2026 Training - Advanced Linux Malware Reverse Engineering with Marion Marschalek (3-Day course)

RE//verse 2026 Training - Advanced Linux Malware Reverse Engineering with Marion Marschalek (3-Day course)

$3,600.00 Sale

Badge Info

Registration Info

This fast-paced 3-day course will make students familiar with reverse engineering Linux malware, starting off with a dense walk through of Linux OS internals and Linux binary analysis techniques, before jumping right in with common Linux malware. Quickly we'll work our way to advanced samples, targeted malware, Linux software protection techniques and packers. We will cover Go malware, Rust, and C++ samples, and explore recent rootkits targeting Linux.

Students will walk away with a deep understanding of Linux binary analysis techniques and knowledge of the Linux threat landscape, being able to dissect advanced Linux malware in their day to day operation.

  • TRAINING:  March 2-4th, 2026 (3-days)
  • CONFERENCE: March 5th-7th, 2026 (requires separate purchase, begins the evening of the 5th)
  • LOCATION: Caribe Royale, Orlando, FL (discounted group rate link)
  • NOTE: Conference admission purchased separately.  Conference tickets can be purchased here.

Description

Day 1

  • Linux specific reverse engineering concepts, OS internals and ELF file format, dynamic analysis on Linux
  • The Linux most-wanted, DDoS bots, bitcoin miners, ransomware
  • C++ reverse engineering with Linux malware examples from real world attacks

Day 2

  • Linux analysis evasion tricks, packers, process injection techniques
  • Hands on unpacking and evasive sample analysis Linux rootkits and eBPF based malware such as Diamorphine, Phalanx2, BPFDoor, and Symbiote

Day 3

  • Go and Rust reverse engineering of Linux malware, such as Luna and BlackCat ransomwares
  • Targeted Linux malware samples, cases like Turla and BVP47

    Key Learning Objectives

    • Proficiency in Linux binary analysis knowledge
    • Understanding Linux malware in-depth
    • Learning Linux analysis evasion techniques
    • Advanced analysis techniques, static and dynamic

    Class Requirements

    Proficiency in reverse engineering x86-64, understanding of other architectures appreciated; basic scripting skills required, Python/Bash. Laptop with x86-64 architecture required to follow class, should be able to run VMware Player, and have 30GB of free disk space. User should have permissions to install software on the machine.

    Trainers

    Marion Marschalek is an independent security researcher with over 15 years of experience in the security industry, with a primary focus on reverse engineering, and background in malware research and detection, incident response, microarchitecture security and cloud security engineering. She has held positions in Intel and AWS and various threat detection companies, and has published ample research over the years, presenting at conferences like BlackHat, HITB, RSA and REcon. In 2015 Marion founded BlackHoodie, a series of hacker bootcamps which successfully attracts more women to the security industry. 

    Back to RE//verse Admissions (Requires Sales Tax)