MRE - Certified Reverse Engineer


MCSI Certification Programs are truly worldclass with cutting-edge content that offers you uniquely-designed, hands-on practical and challenging exercises that teach skills immediately applicable in the field towards benefiting career advancement.

This Certification has no expiry date, no renewal fees, no hidden fees, and is accessible with no time limits.

MCSI Certified Reverse Engineer:
  • Employ a systematic approach to malware analysis
  • Perform static, dynamic and behavioral analysis
  • Deobfuscate protected malware samples
  • Manually decompile binaries back to C code
  • Produce descriptions of how APT samples work
  • Develop high-fidelity indicators of compromise (IOCs)

Career Outcomes

Students who have successfully achieved their MRE Certification can apply for Malware Analyst jobs worldwide, fully confident that they have the competencies that the industry is seeking for these roles.

Training Curriculum and Online Assessment

Students must successfully complete 100 practical exercises in MCSI's Online Learning Platform (OLP) prior to undertaking the Final Online Assessment to obtain this Certification.

As an MCSI Certified Reverse Engineer you will be fully capable of performing the following:

  1. Employing a systematic approach to malware analysis
  2. Binary Classification
    • PE format
    • Binary decomposition
    • Classifying executables based on PE properties
    • Developing YARA rules to detect known samples
    • Writing scripts to parse PE files
  3. Behavioral Analysis
    • Sysmon
    • Sandboxing
    • Network simulations
  4. Memory Forensics:
    • Volatility Framework
    • Windows registry
    • Processes and DLLs
    • Process memory
    • Kernel objects
    • Networking
    • GUI
    • Code injection
    • YARA rules
  5. Static Analysis
    • Mastering Ghidra
    • Automated and manual decompilation
    • Annotation, bookmarks, references
    • Analysing different types of PEs
    • Decrypting data and binaries
    • Programming to assist static analysis
  6. Dynamic Analysis
    • Monitoring APIs
    • Defeating anti-debug techniques
    • Dynamically unpacking malware
    • Symbolic execution and emulation
    • Kernel-mode debugging
    • Programming to assist dynamic analysis
  7. Basic Code Deobfuscation Techniques
    • Control Flow Flattening
    • Opaque Predicates
    • Mixed Boolean Arithmetic
    • Strings and Code Encryption
    • Instruction substitution
    • Abusing Windows APIs
  8. Analyse ransomwares, Remote Access Tools (RATs) and APT toolkits with user and kernel mode components


“The MRE is the best reverse engineering training ever. Everything is hands-on and practical, just like Reverse Engineering should be. The training taught me so many new techniques to perform in-depth reverse engineering in the field.”

Reverse Engineer, Financial Services

“I learnt practical skills to perform malware analysis that I have never learnt before. The advanced technical concepts and skills taught are fantastic. I recommend this to anyone interested in malware analysis.”

Malware Analyst, Financial Services

“When I enrolled in the MRE I was blown away, so I immediately enrolled the rest of my team. Each exercise is exactly like something I would do as a Reverse Engineer providing an amazing method of learning. Excellent work MCSI!”

Senior Malware Reverse Engineer, Consulting Services

Why MCSI’s Reverse Engineering Certification is World Class

  • World-Class Requirements Met Are Above Standard: Holders of the MRE Certification have completed 100 practical online exercises thus demonstrating that they have the skills and knowledge in the following areas: binary classification, static analysis, dynamic analysis, behavioral analysis, memory forensics and code deobfuscation.
  • Internals Focused: Students who have obtained this Certification have demonstrated that they have a full understanding of the Windows operating system's internals for digital forensics, incident response and malware analysis purposes.
  • Practical Challenges: Students must reverse engineer 20 malware samples. Many of which are APT toolkits discovered in the wild.

Course Overview