Preliminary reverse engineering-Transfer

Preliminary Reverse Engineering (kanxue) 2008-09-11
1. complete beginner's Guide
Http://www.freewebs.com/fdemunck/newbieproject1.rar
It covers the basics of assembly and SoftICE usage.
Http://evilteach.8k.com/
There are four articles about reverse engineering.

2. Challenges and guidelines
Http://crackmes.de/
Here there are many challenges to test yourself at your level, sorted by difficulty.

3. Guides, magazines, documents, books
--- Win32 API help
Http://www.borland.com/devsupport/borlandcpp/patches/BC52HLP1.ZIP;
Here you can download the Win32 help file that can be linked to Olly. Don't think this is pointless; if you don't have one, download it.
--- Win32 Basics
Http://www.winprog.org/tutorial/index.html;
Here you can learn real Win32 programming basics in C. Read it. The more you know about Windows, the better you will understand.
--- Free cryptography ebook
Http://www.cacr.math.uwaterloo.ca/hac/
An applied cryptography handbook; a very cool and free cryptography ebook that can provide a perfect German online reference.
--- Cryptography Course
Http://www.cs.washington.edu/education/courses/csep590/06wi;
It is a complete set of cryptographic courses and a good starting point for learning cryptography.
--- Cryptography Guide
Http://www.certicom.com/index.php? Action = ecc_tutorial, ecc_tut_1_0;
A very valuable, detailed explanation of elliptic curve algorithms.
--- Injection Code, General reverse Guide/Document
Http://www.codeproject.com/useritems/inject2exe.asp;
This article covers the use of basic tools (Resource Hacker, a debugger, and a disassembler) and how to inject code into executable files.
--- SEH magazine / guide / documentation
Hxxp: // www. jorgon. freeserve. co. uk/shanght/shanght.htm;
--- PE format, anti-debugging, anti-memory copy, Iczelion assembly tutorials
Http://www.migeel.sk/anticrack/showpage.php? Page = downloads;
--- An article about the PE Header in the code-breakers (cbj) magazine
Http://www.secure-software-engineering.com/index.php? Option = com_content & task = view & id = 60;
It covers the parts of the PE format in detail yet concisely, including import tables, export tables, sections, directories, and resources. It is essential for everyone from beginners to experts.
--- PE Header reference
Http://webster.cs.ucr.edu/Page_TechDocs/pe.txt;
Contains a detailed description of the PE header, useful for looking things up. However, it is recommended to read the CBJ article above to learn to write PE files.
--- Quick assembly reference
Hxxp: // faydoc.tripod.com/cpu/index_v.htm;
A quick-lookup manual of Pentium CPU assembly instructions. You can select an instruction just by clicking its first letter. Very handy (if you download it to a local hard disk).
--- Quick network programming guide
Hxxp: // beej. us/guide/bgnet/output/htmlsingle/bgnet.html;
It takes a short time to quickly learn the basics of network programming.
--- Add a section to the PE file and load the patch code relative to the virtual address
Hxxp: // www.sunshine2k.de/Articles.htm;
Contains many small, very basic articles on PE, import tables, and DLL injection code.

4. Language Learning (assembly, etc)
--- Assembly Language Learning
Hxxp: // webster.cs.ucr.edu/
The HLA assembly site. It hosts the free ebook "The Art of Assembly Language", the HLA compiler and some tools, as well as a Linux section.
Http://www.drpaulcarter.com/pcasm/
A very good ebook for learning assembly; if you do not like HLA, this is a good choice.
Http://savannah.nongnu.org/projects/pgubook/
An assembly tutorial that even explains what a "WORD" is; it uses AT&T assembly syntax.
--- C++ Learning
Http://www.cplusplus.com/doc/tutorial;
Learn how to write a keygen in C++; it is also helpful for reverse engineering C++ programs.
--- Rapid development environment for assembly
Hxxp: // www.radasm.com /;
A RAD environment for assembly.
--- Free C++/Pascal
Http://www.bloodshed.net /;
If you want to use a free compiler to develop a keygen, you can choose one of these. The C++ core is gnucpp.
--- Rosasm
Http://rosasm.org;
Contains 12 basic assembly tutorials.

5. Debuggers and disassemblers
--- Olly
Http://ollydbg.de/
The must-have debugger for ring3.
--- Syser
Http://www.sysersoft.com /;
A great visual debugger for ring0; it is not very stable, but very cool to use.
--- Windbg
Http://www.Micro $ oft.com/whdc/devtools/debugging/default.mspx
Microsoft ring0 Debugger
--- IDA
Http://www.datarescue.com /;
Interactive disassembler for static analysis
--- Pvdasm
Http://pvdasm.reverse-engineering.net /;
Very interesting disassembly Project
--- Olly plugins
Http://woodmann.net/ollystuph/index.php;
Many useful OD plug-ins
--- Shadow's Olly
Hxxp: // navig8.to/shadow/
A modified version of OD; you must pay for it.

6. Training tools
--- Filemon, regmon
Hxxp: // www.sysinternals.com/fileanddiskutilities.html
File, registry monitoring
--- Lordpe
Hxxp: // www.softpedia.com/get/programming/file-editors/lordpe.shtml
Lets you browse and modify PE headers, sections, import tables, directories, etc.

7. Linux Problems
--- NASM disassembler
Hxxp: // nasm.sourceforge.net /;
Open-source cross-platform Assembler
--- GNU Debugger
Hxxp: // www.gnu.org/software/gdb/gdb.html /;
Both Linux and Windows support remote debugging

8. Recommended books (paid)
--- Reversing: Secrets of Reverse Engineering
Foundation of reverse engineering, value for money
--- Rootkits: subverting the Windows Kernel
An advanced book, not suitable for beginners. If you read it from a reversing perspective, it clearly explains techniques that are hard to learn any other way.

9. Advanced reverse publications
--- Reverse program analysis example
Http://www.honeynet.org/scans/scan33/nico;
Discusses reversing and anti-reversing techniques, from PE headers to anti-debugging to virtual machines
--- Disassembler and other tools
Http://www.cybertech.net /~ Sh0ksh0k/projects /;
A group of useful tools, including injection, pasting, and port redirection
--- Import table structure and redirection
Http://www.codeproject.com/useritems/inject2it.asp;

10. Network hackers
Http://www.pulltheplug.org/wargames/vortex;
Hacking and programming wargames for beginners to practice on; they teach you how to master overflow techniques.
