Reverse Engineering for Beginners
#1
"Reverse Engineering for Beginners" free book

Written by Dennis Yurichev (yurichev.com).

Contents

Topics discussed: x86/x64, ARM/ARM64, MIPS, Java/JVM.

Topics touched: Oracle RDBMS, Itanium, copy-protection dongles, LD_PRELOAD, stack overflow, ELF, win32 PE file format, x86-64, critical sections, syscalls, TLS, position-independent code (PIC), profile-guided optimization, C++ STL, OpenMP, win32 SEH.


PDF: http://go.yurichev.com/21010 (A4)
PDF: http://go.yurichev.com/21011 (A5)

Russian PDFs: http://go.yurichev.com/21012 (A4)
Russian PDFs: http://go.yurichev.com/21013 (A5)

Lite (introductory) version
There is also a lite (introductory) version. It is approximately 6 times shorter than the full version (~150 pages) and is intended for those who want a very quick introduction to reverse engineering basics. There is nothing about MIPS, ARM, OllyDBG, GCC, GDB, IDA; there are no exercises, examples, etc.

PDF: http://go.yurichev.com/21014 (A4)
PDF: http://go.yurichev.com/21015 (A5)

Russian PDFs: http://go.yurichev.com/21016 (A4)
Russian PDFs: http://go.yurichev.com/21017 (A5)
#2
Links posted in the thread for the lite version are down; however, they can be found here:
https://archive.org/details/ReverseEngin...nersEnLite
#3
This looks like a valuable resource, especially for people who are new to the art. Do you have any good tutorials on modern exploit construction?
#4
(10-31-2018, 09:25 AM)koringer Wrote: This looks like a valuable resource, especially for people who are new to the art. Do you have any good tutorials on modern exploit construction?

Can't say I'm too well versed with the subject myself. So I'm not sure about modern exploit construction. But in my opinion, looking into the foundations first will give you a steady ground to continue on your own from.

It's not exactly modern, but I would recommend Corelan's exploit writing tutorial series.

https://www.corelan.be/index.php/2009/07...overflows/
See the bottom for parts 2, 3, 4, ... 11, etc. There's a lot of information!
#5
(10-31-2018, 11:10 PM)Insider Wrote:
(10-31-2018, 09:25 AM)koringer Wrote: This looks like a valuable resource, especially for people who are new to the art. Do you have any good tutorials on modern exploit construction?

Can't say I'm too well versed with the subject myself. So I'm not sure about modern exploit construction. But in my opinion, looking into the foundations first will give you a steady ground to continue on your own from.

It's not exactly modern, but I would recommend Corelan's exploit writing tutorial series.

https://www.corelan.be/index.php/2009/07...overflows/
See the bottom for parts 2, 3, 4, ... 11, etc. There's a lot of information!

I am looking for methods to defeat address randomization and non-executable data... also stack cookies. There are likely new GPU-based hacks waiting to be discovered, and SIMD etc. has been little explored by the hacker community. I understand Meltdown and Spectre... but I believe that they have been largely dealt with.
#6
(11-05-2018, 07:35 PM)koringer Wrote:
(10-31-2018, 11:10 PM)Insider Wrote:
(10-31-2018, 09:25 AM)koringer Wrote: This looks like a valuable resource, especially for people who are new to the art. Do you have any good tutorials on modern exploit construction?

Can't say I'm too well versed with the subject myself. So I'm not sure about modern exploit construction. But in my opinion, looking into the foundations first will give you a steady ground to continue on your own from.

It's not exactly modern, but I would recommend Corelan's exploit writing tutorial series.

https://www.corelan.be/index.php/2009/07...overflows/
See the bottom for parts 2, 3, 4, ... 11, etc. There's a lot of information!

I am looking for methods to defeat address randomization and non-executable data... also stack cookies. There are likely new GPU-based hacks waiting to be discovered, and SIMD etc. has been little explored by the hacker community. I understand Meltdown and Spectre... but I believe that they have been largely dealt with.

There is a new vulnerability called PortSmash that claims to allow hacking all hyperthreading CPUs; this apparently can't be fixed as the vuln is inherited by design.

I know that there are people who made it for Intel CPUs, but I heard that others are also vulnerable. You could do some research on that.
I haven't really read on this yet, but I suppose that there are papers around; check those out and try to implement a PoC.
#7
(11-05-2018, 07:58 PM)enmafia2 Wrote: There is a new vulnerability called PortSmash that claims to allow hacking all hyperthreading CPUs; this apparently can't be fixed as the vuln is inherited by design.

I know that there are people who made it for Intel CPUs, but I heard that others are also vulnerable. You could do some research on that.
I haven't really read on this yet, but I suppose that there are papers around; check those out and try to implement a PoC.

Very interesting. I think that CPU design flaws that exploit timing issues will be with us for years to come.
#8
(01-19-2019, 05:21 AM)darkninja198 Wrote:
(06-10-2015, 07:51 AM)Insider Wrote:
"Reverse Engineering for Beginners" free book

Written by Dennis Yurichev (yurichev.com).

Contents

Topics discussed: x86/x64, ARM/ARM64, MIPS, Java/JVM.

Topics touched: Oracle RDBMS, Itanium, copy-protection dongles, LD_PRELOAD, stack overflow, ELF, win32 PE file format, x86-64, critical sections, syscalls, TLS, position-independent code (PIC), profile-guided optimization, C++ STL, OpenMP, win32 SEH.


PDF: http://go.yurichev.com/21010 (A4)
PDF: http://go.yurichev.com/21011 (A5)

Russian PDFs: http://go.yurichev.com/21012 (A4)
Russian PDFs: http://go.yurichev.com/21013 (A5)

Lite (introductory) version
There is also a lite (introductory) version. It is approximately 6 times shorter than the full version (~150 pages) and is intended for those who want a very quick introduction to reverse engineering basics. There is nothing about MIPS, ARM, OllyDBG, GCC, GDB, IDA; there are no exercises, examples, etc.

PDF: http://go.yurichev.com/21014 (A4)
PDF: http://go.yurichev.com/21015 (A5)

Russian PDFs: http://go.yurichev.com/21016 (A4)
Russian PDFs: http://go.yurichev.com/21017 (A5)
Most of these links are dead.
Not really. Check the first two links.
Enter your email and get the URL.
Self-explanatory.