My 3 methods of Learning Reverse Engineering SMN666

SMN666
3 min readAug 2, 2023

--

Method I :
An eager desire to learn reverse engineering.
Assembly language. It doesn’t really matter what assembly language to learn first. Because most assembly languages are very similar. But I suggest starting with x86, because there are far more resources about it. My top resources for learning x86 assembly are: https://github.com/0xZ0/Z0FCourse_ReverseEngineering and https://beginners.re
Also, a bit of knowledge of executable file formats will be useful for you.
Each operating system uses its own executable: Windows uses PE, Linux and other Unix-like systems use ELF.

Method II :

Don’t spend too much time on Method I.
Start using reverse engineering tools like Ghidra, Radare 2, x64dbg(my favourite) and IDA Home/Pro.
IDA is the oldest of them and it’s still considered the industry standard for static reverse engineering.
Ghidra might be a great tool for beginners: it’s free, it offers lots of features you can’t find in other free tools, and it has a lot of extensibility.
Even write some simple programs in C and then load them in the tool of your choice to see how they work.
Also, study executable file formats.
Then, Learn how debugging works. It’s a process of dynamically examining and modifying the workflow of a program.
Some debuggers for easy learning are GDB on Linux and x64dbg on Windows.

Method III:

It’s time for you to get your hand dirty and check out some close to real-life scenarios.
Also, you can get a taste of different aspects of reverse engineering and pick some areas you want to focus on.
Find some challenges online. My favourite is simple crackme challenges from https://crackinglessons.com/category/challenges/
You can put your reverse engineering skills to good use.
Then, you can learn about common security vulnerabilities in binary software and try to find and exploit them.
You can start your journey into vulnerability exploitation from https://www.vulnhub.com, https://pwnable.kr, and https://www.hackthebox.eu
Try some methods of packing, obfuscation and anti-reverse engineering.
Play some CTFs. Exploitation challenges are probably included in every CTF nowadays.
Flareon CTF is all about reversing malware-like challenges, and RealworldCTF is about exploiting vulnerabilities in real-life software.
Don’t be ashamed if you can’t solve a challenge right away.
Take your time and you can try to solve a challenge even if a CTF has ended.
Also, if you’re stuck, try to google write-ups for your challenge. https://ctftime.org is a great CTF and write-up database.

Some useful resources to start learning Reverse Engineering:

https://github.com/FULLSHADE/WindowsExploitationResources
https://www.vx-underground.org/index.html
https://pwn.college/
https://exploit.education/
https://github.com/alphaSeclab/awesome-reverse-engineering
https://www.begin.re/
https://reversewithme.blogspot.com/
https://github.com/x64dbg/x64dbg
https://github.com/NationalSecurityAgency/ghidra
https://github.com/hashcat/hashcat
https://github.com/s3inlc/hashtopolis
https://github.com/maestron/reverse-engineering-tutorials
https://www.ghidra-sre.org/
https://book.rada.re/index.html
https://github.com/radareorg/cutter
https://github.com/lennylxx/ipv6-hosts
https://www.unicorn-engine.org/
https://github.com/google/binnavi
https://github.com/JonathanSalwan/ROPgadget
http://shell-storm.org/
https://github.com/fireeye/flare-vm
https://github.com/plasma-disassembler/plasma
https://github.com/pwndbg/pwndbg
https://github.com/cea-sec/miasm
https://github.com/kaitai-io/kaitai_struct
https://github.com/alphaSeclab/awesome-reverse-engineering

http://hwreblog.com/

https://hasherezade.github.io/

https://github.com/0xZ0F

https://dasmalwerk.eu/
https://chuongdong.com/blog/

https://gist.github.com/navneetmuffin/ff678b1fda17e6188aa0462a99626121

https://legend.octopuslabs.io/sample-page.html
https://puri.sm/posts/primer-to-reverse-engineering/

https://samsclass.info/126/126_F20.shtml

http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/

https://ctf101.org/reverse-engineering/what-are-disassemblers/

https://onlinedisassembler.com/static/home/index.html

https://en.wikibooks.org/wiki/X86_Disassembly/Disassemblers_and_Decompilers

https://malwaretips.com/
https://any.run/

https://dissectingmalwa.re/
http://malc0de.com/dashboard/
http://vxvault.net/ViriList.php
https://malshare.com/

Mal Researching Room TryHackMe:
https://oldblog.cmnatic.co.uk/ : author website
https://shattered.io/
https://oldblog.cmnatic.co.uk/posts/so-you-want-to-analyse-malware/
https://any.run/
https://hybrid-analysis.com/

https://github.com/LordNoteworthy
https://github.com/wtsxDev/reverse-engineering
https://kalitut.com/
https://github.com/hasherezade/malware_training_vol1
https://www.malvuln.com/
https://dcarlin.github.io/Malware-Analysis/
https://www.sans.org/blog/-must-have-free-resources-for-malware-analysis/
https://github.com/0x4143/malware-gems
https://tsurugi-linux.org/

https://literallymalwa.re/
https://zetcode.com/gui/winapi/
https://software.intel.com/content/www/us/en/develop/articles/introduction-to-x64-assembly.html
https://sonictk.github.io/asm_tutorial/

https://www.youtube.com/channel/UC--DwaiMV-jtO-6EvmKOnqg

https://www.youtube.com/channel/UCwSxJ5kXVFPWi6fYuj6o78w

https://www.youtube.com/channel/UCqfqH-wq12WOm4QG4KiRisw

https://www.youtube.com/results?search_query=disassemblers

Packer Link :

https://www.alternate-tools.com/pages/c_exepacker.php?lang=ENG

http://www.aspack.com/

https://unprotect.it/technique/exestealth/

https://github.com/akuafif/hXOR-Packer

https://github.com/nelfo/Milfuscator

https://www.autohotkey.com/mpress/mpress_web.htm

https://www.oreans.com/Themida.php

https://upx.github.io/

--

--