1. complete beginner's Guide Http://www.freewebs.com/fdemunck/newbieproject1.rar It has the basis for compilation and SoftICE usage. Http://evilteach.8k.com/ There are four articles about reverse engineering.2. Challenges and guidelines Http://crackmes.de/here there are a lot of tests on your level. And they are sorted by difficulty level. 3. Guides, magazines, documents, books --- Win32 API help Http://www.borland.com/devsupport/borlandcpp/patches/BC52HLP1.ZIP; Here you can download the Win32 help file linked to Olly. Don't think this is meaningless, If you don't have one, download it. --- Win32 Basics Http://www.winprog.org/tutorial/index.html; Here you can learn the true C language Win32 programming basics. Read him. The more you know about windows The better you understand. --- Free cryptography ebook Http://www.cacr.math.uwaterloo.ca/hac/?cryptographic Learning application manual, very cool and free Cryptography ebook, can provide a perfect German online reference. --- Cryptography Course Http://www.cs.washington.edu/education/courses/csep590/06wi; It is a complete set of cryptographic courses and a good starting point for learning cryptography. --- Cryptography Guide Http://www.certicom.com/index.php? Action = ecc_tutorial, ecc_tut_1_0; It is very valuable to elaborate on the elliptic algorithm. --- Injection Code, General reverse Guide/Document Http://www.codeproject.com/useritems/inject2exe.asp; This article contains the use of basic tools (resource hacker, debugger, and anti-assembler) and how to inject code into executable files. --- Seh magazine \ guide \ documentation Hxxp: // www. jorgon. freeserve. co. uk/shanght/shanght.htm; --- PE format, anti-debugging, anti-memory copy, iczelion Assembly tutorial Http://www.migeel.sk/anticrack/showpage.php? Page = downloads; --- An article about the PE Header in the code-breakers (cbj) magazine Http://www.secure-software-engineering.com/index.php? Option = com_content & task = view & id = 60; It contains detailed and concise PE sections, including introducing tables, exporting tables, segments, directories, and resources. It is essential from beginners to experts. --- PE Header reference Http://webster.cs.ucr.edu/Page_TechDocs/pe.txt; Contains a detailed description of the PE Header for data search. However, it is recommended to read the CBJ article above to learn to write PE files. --- Quick compilation reference Hxxp: // faydoc.tripod.com/cpu/index_v.htm; Pentium cpu Assembly command speed query manual. You can select an assembly command by just clicking the first letter. Very handy (If you download them to a local hard disk ). --- Quick Web programming wizard Hxxp: // beej. us/guide/bgnet/output/htmlsingle/bgnet.html; It takes a short time to quickly learn the basics of network programming. --- Add a segment to the PE file and load the patch code relative to the virtual address Hxxp: // www.sunshine2k.de/Articles.htm; Contains many small, very basic PE articles, import tables, dll injection code 4. Language Learning (assembly, etc) --- Assembly Language Learning Hxxp: // webster.cs.ucr.edu/ HLA assembly site. The free ebook "the art of assembly language" also includes the HLA compiler and some tools, as well as the LINUX part. Http://www.drpaulcarter.com/pcasm/ There are very good learning and compilation of ebook, if you do not like HLA, then this is a good choice Http://savannah.nongnu.org/projects/pgubook/ Assembly tutorials, even what is "WORD", AT&T Assembly syntax --- C ++ Learning Http://www.cplusplus.com/doc/tutorial; How to use C ++ to write a registration machine is helpful for C ++ reverse engineering. --- Compile a quick development environment Hxxp: // www.radasm.com /; Compiled Rad --- Free C ++/Pascal Http://www.bloodshed.net /; If you want to use a free compiler to develop a registration machine, you can choose one of them. The C ++ core is gnucpp. --- Rosasm Http://rosasm.org; Contains 12 basic assembly tutorials. 5. debugger and anti-Assembler --- Olly Http://ollydbg.de/ Required to use the debugger under ring3 --- Syser Http://www.sysersoft.com /; The perfect visual debugger under ring0 is not very stable, but it is very cool to use. --- Windbg Http://www.Micro $ oft.com/whdc/devtools/debugging/default.mspx Microsoft ring0 Debugger --- IDA Http://www.datarescue.com /; Interactive anti-Assembler for Static Analysis --- Pvdasm Http://pvdasm.reverse-engineering.net /; Very interesting disassembly Project --- Olly plugins Http://woodmann.net/ollystuph/index.php; Many useful OD plug-ins --- Shadow's Olly Hxxp: // navig8.to/shadow/ You must pay for the modified version OD. 6 training tools --- Filemon, regmon Hxxp: // www.sysinternals.com/fileanddiskutilities.html File, registry monitoring --- Lordpe Hxxp: // www.softpedia.com/get/programming/file-editors/lordpe.shtml You can browse, modify PE headers, segments, import tables, directories, etc. 7. Linux Problems --- NASM anti-Assembler Hxxp: // nasm.sourceforge.net /; Open-source cross-platform Assembler --- GNU Debugger Hxxp: // www.gnu.org/software/gdb/gdb.html /; Both Linux and Windows support remote debugging 8 recommended books (charged) --- Reverse: Secrets of Reverse Engineering Foundation of reverse engineering, value for money --- Rootkits: subverting the Windows Kernel Advanced books are not suitable for beginners. If you are reading him in the reverse direction, he will clearly explain the technologies that are hard to learn through other ways. 9. Advanced reverse publications --- Reverse program analysis example Http://www.honeynet.org/scans/scan33/nico; Discusses reverse and reverse technologies, from pe headers to reverse debugging to virtual machines --- Anti-assembler and other tools Http://www.cybertech.net /~ Sh0ksh0k/projects /; A group of useful tools, including injection, pasting, and port redirection --- Introduce table structure and redirection Http://www.codeproject.com/useritems/inject2it.asp; 10 network hackers Http://www.pulltheplug.org/wargames/vortex; Beginners practice hacking and programming war games and teach you how to master overflow Technologies |