Reverse-engineering starter clinic

A one-day workshop where curiosity meets code—learn to peel back the layers of software to see how it really works.

What is it?

In the Red part of the forest, Through is about exploring the inside of binaries—programs and executables—without breaking anything. Reverse-engineering here is about understanding what a program actually does, rather than trusting what the documentation claims. Participants work hands-on with small sample binaries in a safe lab environment, learning to spot patterns, extract information, and see the structure of code.

Why it matters

Attackers reverse-engineer software to uncover hidden functionality, weaknesses, or secrets. Defenders can do the same to assess risk and understand potential threats. This starter clinic makes these skills accessible: you do not need deep assembly knowledge to start discovering what binaries reveal.

Workshop flow (what participants do)

Session

Activity

Real link for background

Binary forage (Morning)

Learn basic tools and safe lab setup for binary exploration. Disassemble a small sample program.

Foraging for secrets in binaries

Patterns and puzzles (Midday)

Explore control flow, strings, and data structures. Identify what looks suspicious or unexpected.

Reverse engineering training grounds

Through the looking-glass (Afternoon)

Teams work on a simple unknown binary, document its behaviour, and present findings.

Windows binaries / Linux binaries

What you’ll walk away with

  • Practical understanding of reverse-engineering fundamentals.

  • A step-by-step method for exploring binaries safely.

  • Confidence to apply these techniques in your own organisation.

  • A short “behavioural sketch” of a sample binary to take home.

Who is this for?

  • Security teams and analysts who want hands-on experience.

  • Curious technical staff looking to understand how attackers analyse software.

  • Non-technical staff who want to appreciate what reverse-engineering reveals about risk.

Delivery at a glance

  • Duration: Full-day, divided into morning, midday, and afternoon sessions with hands-on labs and group exercises.

  • Setup: Safe local lab environment; no cloud required. Participants can use desktops or laptops with prepared binaries and pre-installed tools.

  • Why it works: Participants practise real exploratory techniques in a narrative, engaging format—no jargon, no pressure, just guided discovery.