Reversing For Beginners .. A Helping Hand

I thought I would make this post and point out a few very basic resources which are freely available and which may make starting out in the wide world of Reverse Engineering a little easier. The main problem with reversing is that it is a huge and potentially exceptionally complicated subject. The primary choice is which platform you will place the emphasis upon. As I chose Win32 at the outset my experience of Linux reversing is necessarily limited and for the purposes of this post I refer solely to the Windows environment.

Whilst it is repeated time and again, there really is only one sensible place to start in the world of reversing and that is the Lena151 tutorials. Here we have a sequential set of tutorials, written by the same author with increasingly complex topics covered. They are video tutorials and there are 40 in total covering everything from the very basics on up to exceptionally advanced topics. In all my days in the underground scene (20+ years now), this is the most comprehensive set of tutorials I have seen on any subject. Anyone persevering with these from beginning to end will be a moderately accomplished reverse engineer by the end of it.

There are also a number of other beginners' tutorials, both written and video. You should try any/all of these. In addition to the Lena tutorials which formed the basis of my RE education, I tried to read as many other documents on the same subjects as I could find. The idea being that whilst Lena tends to explain things well, she does occasionally skip things or presume that we the audience have a more advanced knowledge than might be the actual case. So read read read and more read ... and unfortunately what I have discovered is that the more I read, the more I realize I need to read. If you want a never-ending, always-expanding topic to get into, this is it!

In terms of places of interest on the net obviously there are a number but ...

Firstly, absolutely THE site for all things RE. hxxp://www.tuts4you.com/ Tuts4You run by Teddy Rogers (NZ) and the home site of the group Seek N Destroy. This site is, to put it bluntly, absolutely superb. Quite simply, this is the richest and most comprehensive site you are likely to find on any subject; fortunately it just happens to be aimed at Reverse Engineering! Containing tutorials and papers in addition to software, addons, plugins .. you name it, Tuts4You has it .. in abundance! If you are looking for OllyDbg or one of the many variants, they will be here. Similarly every plugin for Olly known to man, and probably several that have slipped through time-rifts from the future, are collated here. In short if it is Olly related, chances are it's here. Similarly Immunity and Syser have sections, together with the behemoth of the reversing world, IDA.

Another site which purports to be the (un)official OllyDbg support site is hxxp://www.woodmann.com. This site once again has an extensive forum and wide array of software including a possibly more diverse set of tools, sorted by application type. Certainly this is worth a look and provides a welcome backup to Tuts4You.

OpenRCE is an interesting site dedicated to the world of software and reverse engineering thereof. This site focuses primarily on talk and blogs all pertaining to RE. There are some seriously highbrow threads to be found in addition to a number of fascinating forums and blogs. Be warned though, it is often far from easy reading.

Anyway this covers some of the very basics of what is admittedly an absolutely massive topic (and that's without even touching upon the *nix side of things).
If you have questions regarding this post or the topic in general please feel free to contact me either through the forum or on IRC and I'll be more than happy to assist if I can. Just remember whilst I'm pleased to help, this does not extend to doing your job for you or running simple Google queries which you could do yourself. Fair warning ..
