This is for people who are interested in reverse engineering and are a bit confused. I am just here to help you. You will find books online saying that you can become a great reverse engineer. So before you guys jump on the bandwagon and ha hoo!! please read the below properly.
- Operating System Concepts
- High Level & Low Level Programming (familiarity is fine, working knowledge not required at first)
- Fundamentals of networking
- How to use the internet to perform research
Beginner:
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- Introduction to ARM
- The Life of Binaries
- Malware Dynamic Analysis
- Introduction to Trusted Computing
Intermediate:
- Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration
- Introduction to Software Exploits
- Exploits 2: Exploitation in the Windows Environment
Advanced:
- Rootkits: What they are, and how to find them
- Introduction to Reverse Engineering Software
- Reverse Engineering Malware
- Advanced x86: Virtualisation with Intel VT-x
So, that's about it. Now you can search for them on Google.
Here goes nothing....
Once you have done the above damage to yourself (just kidding), try the following:
Udemy
You should also know different reverse engineering tools.
1. Disassemblers – A disassembler converts binary code into assembly code and is also used to extract strings, imported and exported functions, libraries, etc. Disassemblers turn machine language into a more readable format. Different disassemblers specialize in different things.
2. Debuggers – A debugger expands the functionality of a disassembler by showing the CPU registers, a hex dump of the program, a view of the stack, etc. Using a debugger, the programmer can set breakpoints and edit the assembly code at run time. Debuggers analyse the binary in a similar way to disassemblers and allow the reverser to step through the code one line at a time to investigate the results.
3. Hex Editors – These editors let you view the binary and change it as required. There are different types of hex editors that are used for different functions.
4. PE and Resource Viewers – A binary built to run on a Windows-based machine carries very specific data that tells Windows how to set up and initialize the program. Every program that runs on Windows is in the Portable Executable (PE) format, which records the DLLs the program needs to borrow from.
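To make item 4 concrete, here is an added example (not part of the original post) of what a PE viewer reads first: the headers, the section table and the imported DLL names. The function names and the sample image returned by `build_sample()` are constructed for illustration; the image is not a real program.

```python
from struct import unpack_from, pack_into

def parse_pe(data: bytes) -> dict:
    """Read what a PE viewer shows first: headers, sections, imported DLLs."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ (DOS) signature")
    pe = unpack_from("<I", data, 0x3C)[0]                 # e_lfanew -> PE header
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsect, _, _, _, opt_size, _ = unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                         # optional header start
    magic = unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):                       # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    entry = unpack_from("<I", data, opt + 16)[0]          # AddressOfEntryPoint
    dirs = opt + (96 if magic == 0x10B else 112)          # data directory array
    import_rva = unpack_from("<I", data, dirs + 8)[0]     # directory 1 = imports
    sections = []
    for i in range(nsect):
        name, vsize, va, rsize, raw = unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), va, max(vsize, rsize), raw))

    def offset(rva: int) -> int:  # map a relative virtual address to a file offset
        for _, va, size, raw in sections:
            if va <= rva < va + size:
                return rva - va + raw
        raise ValueError(f"RVA {rva:#x} is outside every section")

    # Walk the 20-byte import descriptors until the null one (Name RVA == 0).
    dlls, pos = [], offset(import_rva) if import_rva else 0
    while pos and (name_rva := unpack_from("<I", data, pos + 12)[0]):
        start = offset(name_rva)
        dlls.append(data[start:data.index(b"\0", start)].decode("ascii", "replace"))
        pos += 20
    return {"machine": machine, "entry": entry,
            "sections": [s[0] for s in sections], "dlls": dlls}

def build_sample() -> bytes:
    """Constructed minimal PE32 image (not a real program): one section, one import."""
    img = bytearray(0x400)
    img[0:2], img[0x40:0x44] = b"MZ", b"PE\0\0"
    pack_into("<I", img, 0x3C, 0x40)                      # e_lfanew
    pack_into("<HHIIIHH", img, 0x44, 0x14C, 1, 0, 0, 0, 224, 0x102)  # COFF header
    pack_into("<H", img, 0x58, 0x10B)                     # PE32 magic
    pack_into("<I", img, 0x58 + 16, 0x1000)               # entry point RVA
    pack_into("<II", img, 0x58 + 96 + 8, 0x1000, 40)      # import directory
    pack_into("<8sIIII", img, 0x138, b".idata", 0x200, 0x1000, 0x200, 0x200)
    pack_into("<I", img, 0x200 + 12, 0x1028)              # descriptor Name RVA
    img[0x228:0x235] = b"KERNEL32.dll\0"
    return bytes(img)
```

Calling `parse_pe(build_sample())` returns the machine type, entry point, section names and imported DLLs as a dictionary; a file without the `MZ` or `PE` signature raises `ValueError`.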
Learn how to use the tools
- Disassembler – IDA Pro
- Debugger – OllyDbg, WinDbg
- System Monitor – Process Monitor, RegShot, Process Explorer
- Network Monitor – TCPView, Wireshark
- Packer Identifier – PEiD
- Unpacking Tools – Qunpack, GUNPacker
- Binary Analysis Tools – PE Explorer, Malcode Analyst Pack
- Code Analysis Tools – LordPE, ImpRec
Online Sources:
- Tuts4You.com Tutorials
- Sans.org and anything by Lenny Zeltser
- Google Searches for “Malware Analysis <specific topic>”
Books:
- Malware Analyst’s Cookbook
- Rootkits: Subverting the Windows Kernel
- Practical Malware Analysis
- The IDA Pro Book
- Reversing: Secrets of Reverse Engineering