Learning Reverse Engineering
Resources to learn more about reverse engineering and binary exploitation
Tools
Decompilers
- Ghidra - a widely used reverse engineering tool developed by the NSA
- IDA Pro - developed by Hex-Rays, used for reverse engineering and debugging
- retdec - open source decompiler based around LLVM
Programming
- angr - an open-source binary analysis platform for Python; the angr examples are very useful
- Capstone Engine - a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community
Other Tools
- wrestool - a tool to extract resources from Microsoft Windows binaries
Guides
Video Series
- Binary Exploitation / Memory Corruption by LiveOverflow - an introduction to binary exploitation that also goes in-depth into more advanced topics
- Reversing WannaCry by stacksmashing - reversing the well-known malware WannaCry using Ghidra
Courses
- Hack the Box: Intro to Assembly Language - an introduction to assembly language along with surface-level exploitation techniques
Other Guides
- ctf101 - guides for various CTF categories including binary exploitation
- NSA Codebreakers - the NSA Codebreaker Challenge is a yearly challenge, but the resources for learning how to solve the challenges are on their resources page
- exploit.education - provides various virtual machines that contain vulnerabilities along with explanations of the potential exploits
CTF Challenges
Papers
Sites
- godbolt.org - see how code is compiled
- dogbolt.org - see how different decompilers decompile an executable
- binvis.io - visual analysis of binary files
Heap Exploitation
- how2heap - a repo for learning various heap exploitation techniques
- heap-exploitation - a book about the internals of glibc malloc and free and exploitation techniques
- Cueing up a calculator: an introduction to exploit development on Linux - an article explaining the heap exploitation used in CVE-2023-43641, how the vulnerability was discovered, and the development of an exploit
Motive
I’m trying to learn more about reverse engineering and binary exploitation, but it’s such an information-packed subject that the resources can be overwhelming.
This repo tackles that problem by gathering all the resources in one spot and giving a brief description.