We are still actively working on the spam issue.
Difference between revisions of "Reverse Engineering"
(Add categories) |
m (Update to latest cracked version of IDA Pro which can be found here: https://leakforum.io/Thread-IDA-PRO-8-3-x86-x64-ARM-ARM64-MIPS-PPC-PPC64) |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | Reverse engineering is an | + | Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/. |
Archive: [https://desuarchive.org/g/search/subject/reg/type/op/] | Archive: [https://desuarchive.org/g/search/subject/reg/type/op/] | ||
Line 12: | Line 12: | ||
*https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/ | *https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/ | ||
*https://github.com/onethawt/reverseengineering-reading-list | *https://github.com/onethawt/reverseengineering-reading-list | ||
+ | *https://jhalon.github.io/reverse-engineering-protocols/ | ||
+ | |||
+ | ===Reverse Engineering Suites=== | ||
+ | These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger). | ||
+ | *[https://hex-rays.com/ida-pro/ IDA Pro] (latest cracked version is 8.3) | ||
+ | *[https://ghidra-sre.org/ Ghidra], a free alternative to IDA released by the NSA(!). Its debugger can be buggy and frustrating, but the package as a whole is competitive. | ||
+ | *https://binary.ninja/ | ||
+ | *https://github.com/radareorg/radare2 or its fork https://rizin.re/ (you might find [https://reverseengineering.stackexchange.com/a/32300 this comparison] helpful) | ||
+ | *https://cutter.re/ (a GUI for Rizin) | ||
+ | |||
+ | |||
+ | ===Other Dynamic Analysis Tools=== | ||
+ | *https://cheatengine.org (essentially babby's first debugger, aimed at cheating in games- but experienced reversers will sometimes reach for its its memory search features) | ||
+ | *https://x64dbg.com/ (an excellent free debugger. Works just as well for 32-bit binaries, despite the name) | ||
+ | *https://ollydbg.de (once a very popular tool, but its 64-bit version was never finished) | ||
+ | *https://github.com/hugsy/gef (extra features for GDB) | ||
+ | *https://learn.microsoft.com/en-us/sysinternals/downloads/procmon (examine file access, registry usage, sub-processes started, and more) | ||
+ | *https://github.com/CobaltFusion/DebugViewPP (look for any debug messages printed with OutputDebugStringA et al) | ||
+ | |||
+ | |||
+ | ===Hex Editors=== | ||
+ | *https://imhex.werwolv.net/ | ||
+ | *https://mh-nexus.de/en/hxd/ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
===Other Tools=== | ===Other Tools=== | ||
− | *https://remnux.org/ | + | *https://remnux.org/ (not a tool in itself, but a handy collection of them for Linux) |
− | *https://github.com/mandiant/flare-vm | + | *https://github.com/mandiant/flare-vm (easily prepare a Windows VM for RE use) |
− | *https:// | + | *https://github.com/hasherezade/pe-bear (poke around in EXE and DLL files) |
− | *https:// | + | *[https://ntcore.com/?page_id=388 CEF Explorer] (ditto) |
− | *https://github.com/ | + | *https://github.com/sharkdp/binocle (visualise binary data and look for raw images) |
− | + | ||
− | *https:// | + | |
− | *https:// | + | |
− | + | ===News=== | |
− | + | Some publish news of what they have reverse engineered. | |
+ | *https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more | ||
+ | *https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions | ||
===Special Interests=== | ===Special Interests=== | ||
Line 37: | Line 57: | ||
* https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC | * https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC | ||
* https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite | * https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite | ||
+ | |||
+ | ====Cars==== | ||
+ | There is a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering | ||
+ | * [https://archive.org/details/thecarhackershandbook The Car Hacker's Handbook] is presented as "A Guide for the Penetration Tester". It has been [https://web.archive.org/web/20221205185254/opengarages.org/handbook/ Licensed under CC-BY-NC-SA] though the text of the book has not been amended | ||
+ | * [https://web.archive.org/web/20221205124040/http://opengarages.org/handbook/2014_car_hackers_handbook.pdf 2014 Car hacker's Handbook] - the earlier version of the above, distributed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Note the file is 251 MB in size and slow to download from The Archive. | ||
===Resources=== | ===Resources=== | ||
*https://back.engineering/ | *https://back.engineering/ | ||
*https://secret.club/ | *https://secret.club/ | ||
− | + | *https://habr.com/ru/articles/548344/ - How to Start Reverse Engineering in 2021 | |
[[Category:Terms]] | [[Category:Terms]] |
Latest revision as of 05:53, 20 May 2024
Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/.
Archive: [1]
Contents
Links
Getting Started
- https://github.com/tylerha97/awesome-reversing
- https://opensecuritytraining.info/
- https://www.coursera.org/learn/malware-analysis-and-assembly
- https://malwareunicorn.org/workshops/re101.html#0
- https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
- https://github.com/onethawt/reverseengineering-reading-list
- https://jhalon.github.io/reverse-engineering-protocols/
Reverse Engineering Suites
These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger).
- IDA Pro (latest cracked version is 8.3)
- Ghidra, a free alternative to IDA released by the NSA(!). Its debugger can be buggy and frustrating, but the package as a whole is competitive.
- https://binary.ninja/
- https://github.com/radareorg/radare2 or its fork https://rizin.re/ (you might find this comparison helpful)
- https://cutter.re/ (a GUI for Rizin)
Other Dynamic Analysis Tools
- https://cheatengine.org (essentially babby's first debugger, aimed at cheating in games- but experienced reversers will sometimes reach for its its memory search features)
- https://x64dbg.com/ (an excellent free debugger. Works just as well for 32-bit binaries, despite the name)
- https://ollydbg.de (once a very popular tool, but its 64-bit version was never finished)
- https://github.com/hugsy/gef (extra features for GDB)
- https://learn.microsoft.com/en-us/sysinternals/downloads/procmon (examine file access, registry usage, sub-processes started, and more)
- https://github.com/CobaltFusion/DebugViewPP (look for any debug messages printed with OutputDebugStringA et al)
Hex Editors
Other Tools
- https://remnux.org/ (not a tool in itself, but a handy collection of them for Linux)
- https://github.com/mandiant/flare-vm (easily prepare a Windows VM for RE use)
- https://github.com/hasherezade/pe-bear (poke around in EXE and DLL files)
- CEF Explorer (ditto)
- https://github.com/sharkdp/binocle (visualise binary data and look for raw images)
News
Some publish news of what they have reverse engineered.
- https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more
- https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions
Special Interests
Old Games
There is a lot of interest in RE of old games, to understand how they worked, or to port them to newer platforms as old platforms no longer are available,
- https://tcrf.net/The_Cutting_Room_Floor
- https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC
- https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite
Cars
There is a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering
- The Car Hacker's Handbook is presented as "A Guide for the Penetration Tester". It has been Licensed under CC-BY-NC-SA though the text of the book has not been amended
- 2014 Car hacker's Handbook - the earlier version of the above, distributed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Note the file is 251 MB in size and slow to download from The Archive.
Resources
- https://back.engineering/
- https://secret.club/
- https://habr.com/ru/articles/548344/ - How to Start Reverse Engineering in 2021