Course Details

This fast-paced 4-day course will make students familiar with reverse engineering Linux malware, starting off with a dense walk through of Linux OS internals and Linux binary analysis techniques, before jumping right in with common Linux malware. Quickly we'll work our way to advanced samples, targeted malware, Linux software protection techniques and packers. We will cover Go malware, Rust, and C++ samples, and explore recent rootkits targeting Linux.

Students will walk away with a deep understanding of Linux binary analysis techniques and knowledge of the Linux threat landscape, being able to dissect advanced Linux malware in their day to day operation.

For more information, please visit here.

Details last updated June 29, 2026

About the Instructor: Dr. Silvio La Porta

Dr. Silvio La Porta is CEO and Co-Founder at RETooling defining and developing Threat Actor emulation platform enabling red team to recreate a realist attack scenario. Previously he was a Senior Cyber Security Architect designing security products and researching advanced detection technology for complex malware/APT. Silvio previously was a lead research scientist with EMC Research Europe based in the Centre of Excellence in Cork, Ireland. His primary research focus areas were real-time network monitoring and data analysis in smart grids to detect malware activity in SCADA systems and corporate networks. He was also leading Security Service Level Agreement (Sec-SLA) and end user security/privacy protected data store projects for hybrid Cloud environment. He is a frequent speaker in professional and industry conferences. Before joining EMC, Silvio worked as a Malware Reverse Engineer in Symantec’s Security Response team in Dublin, Ireland. Silvio holds a PhD in Computer Network Security from the University of Pisa, Italy.

About the Instructor: Dr. Antonio Villani

Dr. Antonio Villani is the Co-Founder of RETooling. He is working full-time on the development of red-team and adversary emulation capabilities for his company. Previously he spent most of his time in the blueteam, reversing high level implants for top tier customers and providing detailed information to support cyber-defense and cyber threat intelligence teams. Now he analyzes complex implants to gain a deep understanding of the TTPs used by threat actors and to provide a high-quality reimplementation of them. As a researcher he published in top tier conferences and journals, and he participated in European research projects in the field of cyber resilience and data security. During his PhD he worked in the field of malware research and digital forensics.