We are still actively working on the spam issue.
Difference between revisions of "Reverse Engineering"
(Added section on News) |
m (Update to latest cracked version of IDA Pro which can be found here: https://leakforum.io/Thread-IDA-PRO-8-3-x86-x64-ARM-ARM64-MIPS-PPC-PPC64) |
||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
− | Reverse engineering is an | + | Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/. |
Archive: [https://desuarchive.org/g/search/subject/reg/type/op/] | Archive: [https://desuarchive.org/g/search/subject/reg/type/op/] | ||
Line 14: | Line 14: | ||
*https://jhalon.github.io/reverse-engineering-protocols/ | *https://jhalon.github.io/reverse-engineering-protocols/ | ||
− | ===Reverse Engineering | + | ===Reverse Engineering Suites=== |
− | *https://hex-rays.com/ida-pro/ (latest cracked version is | + | These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger). |
− | *https://github.com/ | + | *[https://hex-rays.com/ida-pro/ IDA Pro] (latest cracked version is 8.3) |
− | *https://cheatengine.org | + | *[https://ghidra-sre.org/ Ghidra], a free alternative to IDA released by the NSA(!). Its debugger can be buggy and frustrating, but the package as a whole is competitive. |
− | *https://ollydbg.de | + | *https://binary.ninja/ |
+ | *https://github.com/radareorg/radare2 or its fork https://rizin.re/ (you might find [https://reverseengineering.stackexchange.com/a/32300 this comparison] helpful) | ||
+ | *https://cutter.re/ (a GUI for Rizin) | ||
+ | |||
+ | |||
+ | ===Other Dynamic Analysis Tools=== | ||
+ | *https://cheatengine.org (essentially babby's first debugger, aimed at cheating in games- but experienced reversers will sometimes reach for its its memory search features) | ||
+ | *https://x64dbg.com/ (an excellent free debugger. Works just as well for 32-bit binaries, despite the name) | ||
+ | *https://ollydbg.de (once a very popular tool, but its 64-bit version was never finished) | ||
+ | *https://github.com/hugsy/gef (extra features for GDB) | ||
+ | *https://learn.microsoft.com/en-us/sysinternals/downloads/procmon (examine file access, registry usage, sub-processes started, and more) | ||
+ | *https://github.com/CobaltFusion/DebugViewPP (look for any debug messages printed with OutputDebugStringA et al) | ||
+ | |||
+ | |||
+ | ===Hex Editors=== | ||
+ | *https://imhex.werwolv.net/ | ||
+ | *https://mh-nexus.de/en/hxd/ | ||
+ | |||
===Other Tools=== | ===Other Tools=== | ||
− | *https://remnux.org/ | + | *https://remnux.org/ (not a tool in itself, but a handy collection of them for Linux) |
− | *https://github.com/mandiant/flare-vm | + | *https://github.com/mandiant/flare-vm (easily prepare a Windows VM for RE use) |
− | + | *https://github.com/hasherezade/pe-bear (poke around in EXE and DLL files) | |
− | + | *[https://ntcore.com/?page_id=388 CEF Explorer] (ditto) | |
− | + | *https://github.com/sharkdp/binocle (visualise binary data and look for raw images) | |
− | + | ||
− | *https://github.com/hasherezade/pe-bear | + | |
− | *https:// | ||
− | *https:// | ||
− | |||
===News=== | ===News=== | ||
− | Some | + | Some publish news of what they have reverse engineered. |
*https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more | *https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more | ||
*https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions | *https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions |
Latest revision as of 05:53, 20 May 2024
Reverse engineering is an occasional topic on 4chan, and there is an interest in turning this into a general: /reg/.
Archive: [1]
Contents
Links
Getting Started
- https://github.com/tylerha97/awesome-reversing
- https://opensecuritytraining.info/
- https://www.coursera.org/learn/malware-analysis-and-assembly
- https://malwareunicorn.org/workshops/re101.html#0
- https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
- https://github.com/onethawt/reverseengineering-reading-list
- https://jhalon.github.io/reverse-engineering-protocols/
Reverse Engineering Suites
These generally include and integrate tools for both static analysis (disassembler, decompiler) and dynamic analysis (debugger).
- IDA Pro (latest cracked version is 8.3)
- Ghidra, a free alternative to IDA released by the NSA(!). Its debugger can be buggy and frustrating, but the package as a whole is competitive.
- https://binary.ninja/
- https://github.com/radareorg/radare2 or its fork https://rizin.re/ (you might find this comparison helpful)
- https://cutter.re/ (a GUI for Rizin)
Other Dynamic Analysis Tools
- https://cheatengine.org (essentially babby's first debugger, aimed at cheating in games- but experienced reversers will sometimes reach for its its memory search features)
- https://x64dbg.com/ (an excellent free debugger. Works just as well for 32-bit binaries, despite the name)
- https://ollydbg.de (once a very popular tool, but its 64-bit version was never finished)
- https://github.com/hugsy/gef (extra features for GDB)
- https://learn.microsoft.com/en-us/sysinternals/downloads/procmon (examine file access, registry usage, sub-processes started, and more)
- https://github.com/CobaltFusion/DebugViewPP (look for any debug messages printed with OutputDebugStringA et al)
Hex Editors
Other Tools
- https://remnux.org/ (not a tool in itself, but a handy collection of them for Linux)
- https://github.com/mandiant/flare-vm (easily prepare a Windows VM for RE use)
- https://github.com/hasherezade/pe-bear (poke around in EXE and DLL files)
- CEF Explorer (ditto)
- https://github.com/sharkdp/binocle (visualise binary data and look for raw images)
News
Some publish news of what they have reverse engineered.
- https://scarybeastsecurity.blogspot.com/ - hardware, copy protection, data recovery and more
- https://www.righto.com/ - a lot of ancient hardware such as equipment used on the Apollo missions
Special Interests
Old Games
There is a lot of interest in RE of old games, to understand how they worked, or to port them to newer platforms as old platforms no longer are available,
- https://tcrf.net/The_Cutting_Room_Floor
- https://stardot.org.uk/forums/ - Specialises in Acorn machines such as the Electron and BBC
- https://www.bbcelite.com/ - Dedicated to the reverse engineering and study of Elite
Cars
There is a lot of electronics and microcontrollers in a car, and a corresponding interest in reverse engineering
- The Car Hacker's Handbook is presented as "A Guide for the Penetration Tester". It has been Licensed under CC-BY-NC-SA though the text of the book has not been amended
- 2014 Car hacker's Handbook - the earlier version of the above, distributed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Note the file is 251 MB in size and slow to download from The Archive.
Resources
- https://back.engineering/
- https://secret.club/
- https://habr.com/ru/articles/548344/ - How to Start Reverse Engineering in 2021