
Difference between revisions of "Reverse Engineering"

From InstallGentoo Wiki
(Resources: Adding "How to Start Reverse Engineering in 2021")
m (Update to latest cracked version of IDA Pro which can be found here: https://leakforum.io/Thread-IDA-PRO-8-3-x86-x64-ARM-ARM64-MIPS-PPC-PPC64)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Reverse engineering is an occational topic on 4chan, and there is an interest in turning this into a general: /reg/.
+
Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/.
  
 
Archive: [https://desuarchive.org/g/search/subject/reg/type/op/]
 
Archive: [https://desuarchive.org/g/search/subject/reg/type/op/]
Line 12: Line 12:
 
*https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
 
*https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
 
*https://github.com/onethawt/reverseengineering-reading-list
 
*https://github.com/onethawt/reverseengineering-reading-list
 +
*https://jhalon.github.io/reverse-engineering-protocols/
 +
 +
===Reverse Engineering Suites===
 +
These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger).
 +
*[https://hex-rays.com/ida-pro/ IDA Pro] (latest cracked version is 8.3)
 +
*[https://ghidra-sre.org/ Ghidra], a free alternative to IDA released by the NSA(!). Its debugger can be buggy and frustrating, but the package as a whole is competitive.
 +
*https://binary.ninja/
 +
*https://github.com/radareorg/radare2 or its fork https://rizin.re/ (you might find [https://reverseengineering.stackexchange.com/a/32300 this comparison] helpful)
 +
*https://cutter.re/ (a GUI for Rizin)
 +
 +
 +
===Other Dynamic Analysis Tools===
 +
*https://cheatengine.org (essentially babby's first debugger, aimed at cheating in games- but experienced reversers will sometimes reach for its its memory search features)
 +
*https://x64dbg.com/ (an excellent free debugger. Works just as well for 32-bit binaries, despite the name)
 +
*https://ollydbg.de (once a very popular tool, but its 64-bit version was never finished)
 +
*https://github.com/hugsy/gef (extra features for GDB)
 +
*https://learn.microsoft.com/en-us/sysinternals/downloads/procmon (examine file access, registry usage, sub-processes started, and more)
 +
*https://github.com/CobaltFusion/DebugViewPP (look for any debug messages printed with OutputDebugStringA et al)
 +
 +
 +
===Hex Editors===
 +
*https://imhex.werwolv.net/
 +
*https://mh-nexus.de/en/hxd/
  
===Reverse Engineering Tools===
 
*https://hex-rays.com/ida-pro/ (latest cracked version is 7.7)
 
*https://github.com/NationalSecurityAgency/ghidra
 
*https://cheatengine.org
 
*https://ollydbg.de
 
  
 
===Other Tools===
 
===Other Tools===
*https://remnux.org/
+
*https://remnux.org/ (not a tool in itself, but a handy collection of them for Linux)
*https://github.com/mandiant/flare-vm
+
*https://github.com/mandiant/flare-vm (easily prepare a Windows VM for RE use)
*https://ghidra-sre.org/
+
*https://github.com/hasherezade/pe-bear (poke around in EXE and DLL files)
*https://github.com/hugsy/gef
+
*[https://ntcore.com/?page_id=388 CEF Explorer] (ditto)
*https://github.com/radareorg/radare2
+
*https://github.com/sharkdp/binocle (visualise binary data and look for raw images)
*https://cutter.re/
+
 
*https://github.com/hasherezade/pe-bear
+
 
*https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
+
 
*https://x64dbg.com/
+
===News===
*https://imhex.werwolv.net/
+
Some publish news of what they have reverse engineered.
 +
*https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more
 +
*https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions
  
 
===Special Interests===
 
===Special Interests===
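Review bot: The added Cheat Engine entry under "Other Dynamic Analysis Tools" repeats a word ("reach for its its memory search features") and uses "games-" where a dash or comma is meant; drop the second "its" and punctuate the aside properly. In the new "Other Tools" list, the ntcore.com link is labelled "CEF Explorer", while the tool published there is named CFF Explorer, so the label should be corrected. The "(ditto)" after it only makes sense while the pe-bear line stays directly above it; repeating "poke around in EXE and DLL files" would survive later reordering.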
Line 37: Line 57:
 
* https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC
 
* https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC
 
* https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite
 
* https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite
 +
 +
====Cars====
 +
There is a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering
 +
* [https://archive.org/details/thecarhackershandbook The Car Hacker's Handbook] is presented as "A Guide for the Penetration Tester". It has been [https://web.archive.org/web/20221205185254/opengarages.org/handbook/ Licensed under CC-BY-NC-SA] though the text of the book has not been amended
 +
* [https://web.archive.org/web/20221205124040/http://opengarages.org/handbook/2014_car_hackers_handbook.pdf 2014 Car hacker's Handbook] - the earlier version of the above, distributed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Note the file is 251 MB in size and slow to download from The Archive.
  
 
===Resources===
 
===Resources===
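Review bot: The intro sentence added under "====Cars====" has a subject-verb mismatch and ends without an object or full stop ("There is a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering"); suggest "There are a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering them." In the two list items, "Licensed" is capitalised mid-sentence, the first item has no closing full stop, and the book title is cased inconsistently ("Car Hacker's Handbook" against "Car hacker's Handbook").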

Latest revision as of 05:53, 20 May 2024

Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/.

Archive: [1]

Links

Getting Started

Reverse Engineering Suites

These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger).


Other Dynamic Analysis Tools


Hex Editors


Other Tools


News

Some publish news of what they have reverse engineered.

Special Interests

Old Games

There is a lot of interest in RE of old games, to understand how they worked or to port them to newer platforms as old platforms are no longer available.

Cars

There are a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering them.

  • The Car Hacker's Handbook is presented as "A Guide for the Penetration Tester". It has been licensed under CC-BY-NC-SA, though the text of the book has not been amended.
  • 2014 Car Hacker's Handbook - the earlier version of the above, distributed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Note the file is 251 MB in size and slow to download from The Archive.

Resources