This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 3.2 of Reversing Malicious Code
Basic blocks, CFG construction, reading IDA Pro graph view edge colours, and four CFG obfuscation techniques — opaque predicates, overlapping instructions, indirect jumps, and SEH abuse — with bypass approaches.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
Ghidra Function Graph — Official Documentation
Ghidra cheat sheet including Function Graph navigation shortcuts. Use alongside the CFG analysis workflow.
CrackMes.one — CFG Analysis Practice
Practice CFG analysis on beginner CrackMes. Start with difficulty 1-2. Map the full CFG before attempting a solution.
REMA eBook 2026 — Chapter 3, Control Flow Analysis
Full CFG diagrams and obfuscation technique explanations in the REMA eBook Chapter 3.
Quadrant 4 · Self-Assessment
Reversing Malicious Code
Covers x86 and x64 assembly analysis, control flow graphs, Windows API-level malware behaviour, DLL analysis, injection techniques, API hooking, and Living-off-the-Land attacks.
REMA Complete Assessment
A comprehensive 120-question assessment covering the entire Reverse Engineering and Malware Analysis curriculum: malware taxonomy and reverse engineering fundamentals, static and dynamic analysis, reversing malicious code, malicious web and document files, in-depth analysis of packed and fileless malware, and self-defending malware techniques.