Deep binary analysis of Command & Control (C2) components and malicious documents. See PDF Report

Project Description

This project focused on software reverse engineering and the study of complex infection chains. I dissected malicious components to understand their internal mechanics:

  • Binary Analysis: Used Ghidra and Binary Ninja to reverse-engineer a C2 component, analyzing its communication mechanisms and persistence capabilities.
  • Malicious Document Analysis: Investigated malicious XLS and PDF files, including analysis of macro control flow to identify the execution vectors they use.
  • Infection Chains: Reconstructed the complete attack lifecycle, from document delivery to the execution of the final payload.

Added Value & Professional Objectives

This experience allowed me to develop a rigorous approach to static analysis and a deep understanding of malicious software architectures:

  • Key Skills: Binary analysis, understanding of C2 protocols, malicious document investigation, and technical documentation.
  • Professional Applications: Skills directly transferable to Incident Response (DFIR), advanced SOC operations, Cyber Threat Intelligence (CTI), or cybersecurity research.