Reverse Engineering Tutorials | Easy For Newbies!

So you want to be a Reverser? This is the best tutorial with the best tools ever coupled!!

What is Reverse Engineering?

  • Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made and re-producing it or reproducing anything based on the extracted information. Thanks Wikipedia

So here we go:

Tutorials

What does it contain?

  1. Olly + assembler + patching a basic reverseme

  2. Keyfiling the reverseme + assembler

  3. Basic nag removal + header problems

  4. Basic + aesthetic patching

  5. Comparing on changes in cond jumps, animate over/in, breakpoints

  6. “The plain stupid patching method”, searching for textstrings

  7. Intermediate level patching, Kanal in PEiD

  8. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor

  9. Explaining the Visual Basic concept, introduction to SmartCheck and configuration

  10. Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick

  11. Intermediate patching using Olly’s “pane window”

  12. Guiding a program by multiple patching.

  13. The use of API’s in software, avoiding doublechecking tricks

  14. More difficult schemes and an introduction to inline patching

  15. How to study behaviour in the code, continued inlining using a pointer

  16. Reversing using resources

  17. Insights and practice in basic (self)keygenning

  18. Diversion code, encryption/decryption, selfmodifying code and polymorphism

  19. Debugger detected and anti-anti-techniques

  20. Packers and protectors : an introduction

  21. Imports rebuilding

  22. API Redirection

  23. Stolen bytes

  24. Patching at runtime using loaders from lena151 original

  25. Continued patching at runtime & unpacking armadillo standard protection

  26. Machine specific loaders, unpacking & debugging armadillo

  27. tElock + advanced patching

  28. Bypassing & killing server checks

  29. Killing & inlining a more difficult server check

  30. SFX, Run Trace & more advanced string searching

  31. Delphi in Olly & DeDe

  32. Author tricks, HIEW & approaches in inline patching

  33. The FPU, integrity checks & loader versus patcher

  34. Reversing techniques in packed software & a S&R loader for ASProtect

  35. Inlining inside polymorphic code

  36. Keygenning <— (This one I liked the most)

  37. In-depth unpacking & anti-anti-debugging a combination packer / protector

  38. Unpacking continued & debugger detection by DLL’s and TLS

  39. Inlining a blowfish scheme in a packed & CRC protected dll

  40. Tools

While I’m sure that some of these are outdated, it should at least give you a headstart (by pointing you in the right direction). That doesn’t mean, however, that they are ALL outdated.

Happy learning

9 Likes

Where is the link?

1 Like

Where’s the link?

I think the link is missing!!!

Here you Go:

Download <— 140Mb

(Click and save, no redirection)

OP just forgot to mention the link (excuses). As far as I'm concerned, I know where they get it from, so I simply found it on my own! Cheers

Missing Part Of This Tutorial: Here Is The Remaining Section:

Tools

Signature Scanners:
PEiD - http://bob.droppages.com/Projects/PEiD

API Loggers:

API Monitor - http://www.rohitab.com/apimonitor
WinAPIOverride - http://jacquelin.potier.free.fr/index.php
Process Monitor - http://technet.microsoft.com/en-us/sysin...s/bb896645

Debuggers/Disassemblers:

OllyDbg - http://www.ollydbg.de/
IDA Pro - https://www.hex-rays.com/products/ida/index.shtml
WinDBG - http://msdn.microsoft.com/en-us/windows/...e/hh852365
W32DASM - https://tuts4you.com/download.php?view.1138

Decompilers:

.NET

.NET Reflector - http://www.red-gate.com/products/dotnet-...reflector/
dotPeek - http://www.jetbrains.com/decompiler/
Telerik JustDecompile - http://www.telerik.com/products/decompiler.aspx
ILSpy - http://ilspy.net/

VB 6

VB Decompiler - http://www.vb-decompiler.org/

Delphi

DeDe - http://www.softpedia.com/get/Programming...DeDe.shtml

C

Boomerang - http://boomerang.sourceforge.net/

Automated Analysis:

Offline

SysAnalyzer - http://www.woodmann.com/collaborative/to...ysAnalyzer

Online

Anubis - http://anubis.iseclab.org/
ThreatExpert - http://www.threatexpert.com/filescan.aspx
GFI Sandbox™ (formerly CWSandbox)

Virtual Machines/Sandboxes:

VMware Workstation - http://www.vmware.com/products/workstation
Sandboxie - http://www.sandboxie.com/

Packet Sniffers:

Wireshark - https://www.wireshark.org/
TCPView - http://technet.microsoft.com/en-us/sysin...97437.aspx

PE Editors:

CFF Explorer - http://ntcore.com/exsuite.php
PEditor - http://www.softpedia.com/get/Programming...itor.shtml

Hex Editors:

HxD - http://mh-nexus.de/en/hxd/
HexEdit - http://www.hexedit.com/

Misc:

Sysinternals Suite - http://technet.microsoft.com/en-us/sysin...42062.aspx
Hex Calculator - http://www.hexprobe.com/hpmbcalc/index.htm
Process Explorer - http://technet.microsoft.com/en-us/sysin...96653.aspx

While I’m sure that some of these are outdated, it should at least give you a headstart (by pointing you in the right direction). That doesn’t mean, however, that they are ALL outdated.

ENJOY! :heart:

8 Likes