Reverse Engineering Resources | Beginners To Intermediate Guide/Links 💯

What is reverse engineering:

Reverse engineering may refer to any of the following: 1. When referring to computer science/programming, reverse engineering means to “break down” the programming code. … Generally speaking, the purpose is to fix errors in the software engineer’s code, or create a program like the one being deconstructed.

Are reverse engineering and decompilation the same?

Decompilation is just one method of reverse engineering.

From the decompilation description:

Decompiling is the process of analyzing an executable or object code binary and outputting source code in a programming language such as C. The process involves translating a file from a low level of abstraction to a higher level of abstraction. Decompilation is usually carried out using a decompiler.

From Wikipedia’s article on reverse engineering:

Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation.

Software can be reverse engineered and decompiled. A lot of other things (such as hardware, door locks) can be reverse engineered but not decompiled, because their software/firmware is written in low level languages without a higher-level representation, or, more radically, they don’t have any firmware in the first place.

Whenever we begin reverse engineering, two things come to mind:

Dynamic program analysis is the analysis of computer software that is performed by executing programs on a real or virtual processor.

Static program analysis is the analysis of computer software that is performed without actually executing programs.

In other words:

  • The static analysis is usually based on analyzing the program without the need to execute it. It is mostly based on finding patterns, counting memory references, … The Wikipedia page about Static program analysis is, from my point of view, incomplete but still a good read.

  • The dynamic analysis, on the other hand, involves executing the program and requires instrumentation of basic blocks such as loops, functions, … The instrumentation consists of inserting probes at the entry and exit of a basic block which will measure the time according to a certain metric (CPU cycles, time in µs, …). The information gathered after the analysis is usually used to optimize the application by performing loop unrolling with a suitable unroll factor, vectorization if possible (SSE, AVX, Altivec, …), etc.

OK, let’s jump into the resources. Please note that the following collection was gathered by various professionals; I just summarize it here. All credits go to the original authors.

Assembly Fundamentals

  1. LiveOverflow Binary Hacking:star2::speech_balloon:

  2. OpenSecurityTraining.info: Introductory Intel x86:star2:

  3. Practical Reverse Engineering:star2::speech_balloon:

  4. Practical Malware Analysis:star2::speech_balloon:

  5. Assembly Language Step-by-Step: Programming with Linux

  6. Wikibooks: x86 Disassembly

  7. Eli Bendersky: Where the top of the stack is on x86

  8. Eli Bendersky: Stack frame layout on x86–64

  9. x86 Assembly Guide (CS216 ‘06)

C Fundamentals :

  1. The C Programming Language (K&R)

  2. The GNU C Reference Manual

  3. Learn C the Hard Way

  4. Learn C in Y Minutes

  5. Beej’s Guide to C Programming:speech_balloon:

Reverse engineering Fundamentals :

  1. LiveOverflow Binary Hacking:star2::speech_balloon:

  2. OpenSecurityTraining.info: Introduction to Reverse Engineering Software

  3. RPISEC: Modern Binary Exploitation:star2:

  4. Practical Reverse Engineering:star2::speech_balloon:

  5. A Bug Hunter’s Diary:star2::speech_balloon:

  6. Reversing: Secrets of Reverse Engineering:speech_balloon:

  7. Basic Dynamic Analysis with IDA Pro and WinDbg:speech_balloon:

  8. Ben Hawkes: What makes software exploitation hard?

  9. GynvaelEN Hacking Livestreams

  10. The Art of Fuzzing: Slides and Demos

  11. Malware Unicorn: Reverse Engineering Malware 101:star2:

  12. sploitF-U-N: Linux (x86) Exploit Development Series

  13. Gynvael Coldwind: How to find vulnerabilities?

  14. High-Level Approaches for Finding Vulnerabilities

  15. FuzzySecurity Tutorials:star2::speech_balloon:

  16. GitHub CTF Write-ups:speech_balloon:

  17. Dennis Yurichev’s Reversing Challenges

General

Articles

Educational

Timelines

Videos

Things that are interesting/don’t fit elsewhere

Things that Don’t fit elsewhere

Comparison Tools

References

General Research/Stuff

Tools

Binary Visualization Tools

General

De/Obfuscators/Unpackers

ELF/Related Tools

Emulators

Packers

PE32/Related Tools

OLE

  • python-oletools

  • python-oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the olefile parser. See http://www.decalage.info/python/oletools for more info.

Searching Through Binaries

Static Analysis Tools

OS X

Linux

Windows

Debuggers

All platforms

Hypervisor-based debugger

Debugging Writeups/Papers

Decompilers & Disassemblers

Overview & Tutorials

Java

.NET

IDA specific Stuff

IDA Extensions

IDA Plugins

IDA Tutorials/Help

File Formats

Flash Player

Frameworks

Programming Language Specifics/Libraries

Programming Language Specific Stuff/Useful/Related Libraries

GO

Python

Decompiler

  • python-uncompyle6

  • A native Python cross-version Decompiler and Fragment Decompiler. The successor to decompyle, uncompyle, and uncompyle2.

  • Decompyle++

  • C++ python bytecode disassembler and decompiler

  • Python Decompiler

  • This project aims to create a comprehensive decompiler for CPython bytecode (likely works with PyPy as well, and any other Python implementation that uses CPython’s bytecode)

PyInstaller Extractor

  • Extract contents of a Windows executable file created by pyinstaller

Easy Python Decompiler

Anti-Reverse Engineering Techniques & Countermeasures

Talks

Techniques

.NET Related

Writeups

Writeups(Papers/Videos)

Binary & Code Analysis

Firmware

General

OS X

Packers

PDF

Process Hooking

Protocols

Satellites

Windows

Wireless

Windows

Event Tracing for Windows and Network Monitor

Improving Automated Analysis of Windows x64 Binaries

Microsoft Patch Analysis for Exploitation

Apart from the above valuable links, other uncategorized ones would be:

  1. LiveOverflow Binary Hacking:star2::speech_balloon:

  2. OpenSecurityTraining.info: Introduction to Reverse Engineering Software

  3. RPISEC: Modern Binary Exploitation:star2:

  4. OpenSecurityTraining.info: Introductory Intel x86:star2:

  5. OpenSecurityTraining.info: The Life of Binaries

  6. OpenSecurityTraining.info: Reverse Engineering Malware

  7. RPISEC: Malware Analysis

  8. Practical Reverse Engineering:star2::speech_balloon:

  9. A Bug Hunter’s Diary:star2::speech_balloon:

  10. Reversing: Secrets of Reverse Engineering:speech_balloon:

  11. Practical Malware Analysis:star2::speech_balloon:

  12. Assembly Language Step-by-Step: Programming with Linux

  13. Wikibooks: x86 Disassembly

  14. The C Programming Language (K&R)

  15. The GNU C Reference Manual

  16. Learn C the Hard Way

  17. Learn C in Y Minutes

  18. Beej’s Guide to C Programming:speech_balloon:

  19. The Shellcoder’s Handbook: Discovering and Exploiting Security Holes:speech_balloon:

  20. Windows Internals:star2:

  21. Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats

  22. Rootkits: Subverting the Windows Kernel

  23. Basic Dynamic Analysis with IDA Pro and WinDbg:speech_balloon:

  24. Ben Hawkes: What makes software exploitation hard?

  25. GynvaelEN Hacking Livestreams

  26. The Art of Fuzzing: Slides and Demos

  27. A Link to the Past: Abusing Symbolic Links on Windows

  28. Abusing GDI for Ring0 Exploit Primitives (Slides)

  29. Abusing GDI for Ring0 Exploit Primitives: Reloaded (Slides)

  30. Modern Kernel Pool Exploitation: Attacks and Techniques

  31. Finding And Exploiting Token Handling Vulnerabilities in the Windows Kernel

  32. James Forshaw: Process Failure Modes

  33. MalwareAnalysisForHedgehogs Video Tutorials

  34. AVLeak: Fingerprinting Antivirus Emulators through Black-Box Testing

  35. Windows Kernel Graphics Driver Attack Surface

  36. bee13oy: Attacking Antivirus Software’s Kernel Driver:speech_balloon:

  37. Direct X: Direct Way to Microsoft Windows Kernel

  38. A Window Into Ring 0

  39. Windows Drivers Attack Surface

  40. Malware Unicorn: Reverse Engineering Malware 101:star2:

  41. sploitF-U-N: Linux (x86) Exploit Development Series

  42. Gynvael Coldwind: How to find vulnerabilities?

  43. High-Level Approaches for Finding Vulnerabilities

  44. Eli Bendersky: Where the top of the stack is on x86

  45. Eli Bendersky: Stack frame layout on x86–64

  46. x86 Assembly Guide (CS216 ‘06)

  47. HumbleSec: Assembly to Pseudocode Manually:speech_balloon:

  48. Mozilla: A Crash Course in Memory Management

  49. Corelan Team Exploit Writing

  50. Hacking the PS4: Userland ROP:speech_balloon:

  51. What is a “good” memory corruption vulnerability?:star2:

  52. Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016–4622

  53. The Stack Clash (Qualys Security Advisory)

  54. Microsoft Security Research & Defense Blog:speech_balloon:

  55. Abusing Token Privileges For Windows Local Privilege Escalation

  56. GhostHook: Bypassing PatchGuard with Processor Trace Based Hooking

  57. “Wild” Pool Overflow on Win10 x64 RS2 (CVE-2016–3309 Reloaded)

  58. Abusing GDI for Ring0 Exploit Primitives

  59. Tarjei Mandt: Kernel Pool Exploitation on Windows 7

  60. Alternative methods of becoming SYSTEM

  61. A Technical Survey of 10 Common and Trending Process Injection Techniques

  62. Shut Up and Hack: Inject All the Things

  63. Dangers of the Decompiler: A Sampling of Anti-Decompilation Techniques

  64. Software Protection via Obfuscation

  65. What steps can I take to make my C++ app harder to RE?

  66. hasherezade: Starting with Windows Kernel Exploitation

  67. Windows Kernel Exploitation Series with HEVD

  68. User-Mode Interactions: Guidelines for Kernel-Mode Drivers (Microsoft, 2006)

  69. DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers

  70. Cure53 Browser Security White Paper

  71. X41 Browser Security White Paper

  72. The Great DOM Fuzz-off of 2017 (DOM Fuzzing Methodology)

  73. The Apple of Your EFI: Findings from an Empirical Study of EFI Security

  74. HexType: Efficient Detection of Type Confusion Errors for C++

  75. A Generic Approach to Automatic Deobfuscation of Executable Code

  76. Anti-Unpacker Tricks:star2:

  77. The “Ultimate” Anti-Debugging Reference

  78. FuzzySecurity Tutorials:star2::speech_balloon:

  79. GitHub CTF Write-ups:speech_balloon:

  80. phoenhex team write-ups:star2::speech_balloon:

  81. Project Zero Issue Tracker:star2::speech_balloon:

  82. Cisco Talos Vulnerability Reports:star2:

  83. Flare-On Challenge Solutions: 2015

  84. Flare-On Challenge Solutions: 2016

  85. Exploiting a Firefox UAF with Shared Array Buffers

  86. Analysis and Exploitation of an ESET Vulnerability

  87. Attacking the Windows NVIDIA Driver

  88. Kernel Exploit Demo: Windows 10 (x86) PrivEsc via WARBIRD

  89. Windows Kernel Resources:speech_balloon:

  90. Dennis Yurichev’s Reversing Challenges

  91. Exploit Exercises:star2:

  92. Flare-On Challenges

  93. ROP Emporium

  94. HackSys Extreme Vulnerable Windows Driver

  95. Compiler Explorer:star2::speech_balloon:

Source: Medium

HAPPY LEARNING! :+1:

23 Likes

Thanks for Sharing!! @SaM
:ok_hand: :+1:

3 Likes

really so much information

6 Likes

you ask for a book and @SaM will give you the entire library :flushed: :nerd_face:

2 Likes

I was struggling to get resources to learn assembly! Guess this is a jackpot :slight_smile: <3 ty

1 Like

That’s alooot @SaM

1 Like

AMAZING

1 Like

make this page as pdf along with links … if done it would be nice.

WOW. This really is a huge list. Thanks for the compiled list.

1 Like

A large choice of information. It’s up to everyone to choose what suits them.

1 Like

OMG, thank you very much @SaM for posting all these resources on a very interesting topic like reverse engineering. It is going to be very helpful as I am doing CS engineering.

1 Like