This course introduces the essential concepts, tools, and techniques for understanding, analyzing, and investigating binary programs, in general, and malicious programs, in specific. It begins with easy methods that can be used to get information from relatively unsophisticated programs, and proceeds with increasingly complicated techniques that can be used to tackle even the most sophisticated malicious programs. Particular topics include static analysis techniques, dynamic analysis, assembly language and disassembly, recognizing C code constructs in assembly, debugging, and obfuscation techniques.