Top products from r/ReverseEngineering
We found 40 product mentions on r/ReverseEngineering. We ranked the 37 resulting products by number of redditors who mentioned them. Here are the top 20.
1. Reversing: Secrets of Reverse Engineering
Sentiment score: 5
Number of reviews: 7
Wiley
2. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Sentiment score: 4
Number of reviews: 6
No Starch Press
3. Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
Sentiment score: 3
Number of reviews: 5
John Wiley Sons
4. The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (Volume 1 of 2)
Sentiment score: 2
Number of reviews: 3
5. The IDA Pro Book, 2nd Edition: The Unofficial Guide to the World's Most Popular Disassembler
Sentiment score: 2
Number of reviews: 2
Used Book in Good Condition
6. Game Hacking: Developing Autonomous Bots for Online Games
Sentiment score: 2
Number of reviews: 2
No Starch Press
7. Compilers: Principles, Techniques, and Tools (2nd Edition)
Sentiment score: 0
Number of reviews: 1
9. HiLetgo USB Logic Analyzer Device With EMI Ferrite Ring USB Cable 24MHz 8CH 24MHz 8 Channel UART IIC SPI Debug
Sentiment score: 1
Number of reviews: 1
The logic for each channel sampling rate of 24M/s. General applications around 10M, enough to cope with a variety ofoccasions; 8-channelSampling rate up to: 24 MHz , can be 24MHz. 16MHz, 12MHz, 8MHz, 4MHz, 2MHz, 1MHz, 500KHz, 250KHz, 200KHz, 100KHz, 50KHz, 25KHz;The logic for each channel sampling r...
10. Hacking: The Art of Exploitation w/CD
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
11. DCE/RPC over SMB: Samba and Windows NT Domain Internals
Sentiment score: 0
Number of reviews: 1
Used Book in Good Condition
12. Advanced Compiler Design and Implementation
Sentiment score: 1
Number of reviews: 1
13. Elliptic Curves: Number Theory and Cryptography, Second Edition (Discrete Mathematics and Its Applications)
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
14. Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Sentiment score: 1
Number of reviews: 1
Wiley Publishing
16. Windows® Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition (Developer Reference)
Sentiment score: 1
Number of reviews: 1
Book is in excellent Condition
17. Making Software: What Really Works, and Why We Believe It
Sentiment score: 1
Number of reviews: 1
O Reilly Media
18. Secure Coding: Principles and Practices
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
I started from scratch on the formal CS side, with an emphasis on program analysis, and taught myself the following starting from 2007. If you're in the United States, I recommend BookFinder to save money buying these things used.
On the CS side:
On the math side, I was advantaged in that I did my undergraduate degree in the subject. Here's what I can recommend, given five years' worth of hindsight studying program analysis:
Final bit of advice: you'll notice that I heavily stuck to textbooks and Ph.D. theses in the above list. I find that jumping straight into the research literature without a foundational grounding is perhaps the most ill-advised mistake one can make intellectually. To whatever extent that what you're interested in is systematized -- that is, covered in a textbook or thesis already, you should read it before digging into the research literature. Otherwise, you'll be the proverbial blind man with the elephant, groping around in the dark, getting bits and pieces of the picture without understanding how it all forms a cohesive whole. I made that mistake and it cost me a lot of time; don't do the same.
That is a great list, just a few random comments.
Basics for discrete math, 6.042 is a nice resource, it has a free full open text book. While it's actually simpler than most of your links it actually gives a nice introduction to some of the formalisms you'll run into later.
CLRS is an amazing reference for just about anything you need. It's not a nice introduction to things but it will easily save your behind as a reference in a pinch.
My one real disagreement is your suggestion of abstract algebra book, I'm a fan of Algebra by artin. It's a bit rough, but you can usually pick up older versions fairly cheap and it comes with course notes. It can come with it's ocw counterpart. It's how I learned, and i personally think it's one of the better resources out there.
The more mature version of cousot's class is 6.820 which is a fairly good class but can actually take a while to get through the material if you don't have a friend to do it with. If you get through it, you will have one hell of a base.
For crypto, since i do love crypto probably a bit different, Stanford is a great class I suggest looking at My suggestions, start with
Number Theory and Cryptography is one of the best books I've read on EC yet. It's approachable and actually does an amazing job. If you want checks with it, try the psets here
Just a few supplementary suggestions.
You gave a great list, an absolutely a amazing roadmap
If anyone has any trouble with something in the walk-through as far as needing clarification or they are attempting to do it themselves and find I messed up somewhere, please let me know! Thank you.
The binary can be found on my github: https://github.com/emtuls/ctf/tree/master/2018-hacktober.org/Binary_Analysis/binaries -> Larry.out
For anyone that needs resources for learning Reverse Engineering, I can provide you with a baseline that I would recommend starting with. Eventually, I plan on making my own set of tutorials...but that's in the works.
x86 Assembly:
If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.
A few good books would be:
Hands On:
Courses:
Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.
To make a long story short, at a quick glance I see:
He has created a hashing function by shuffling the character map used in a base64 encoding.
He proposes running a file containing a list of your literal string list through this application command line app, which outputs a header file, like this, ready to include containing the encoded strings and decryption key (Base64 character map) defined as macros.
The generated macros defines take this format:
define INTRO_STRING GetDecryptedString("UCcFEN/FEN/cMv19EmJpl4kpEm1NgYiGebj3")
Critique:
This looks to accomplish it's task of providing obfuscation literal strings. There could be a number of different ways to accomplish this with varying pros and cons. Other strategies may already exist, be easier, and have polished tools.
One pro of this approach is that the strings are not decrypted until used. That could also be a con since each string must be decrypted each time it is accessed.
Another possible con is that the key must be kept with the encoded hashes, but possibly the whole idea was to just withhold the key, but this would likely make the code uncompilable or function incorrectly depending on how the strings are used and handling is done without a key.
Securely encrypted strings seems to not be a requirement of this project. Since that is the case, it seems the shuffling of the base64 seems a pointless step that merely forces possessors of the code to do more than just plot the string in an online base64 decoder. One could more easily just plop plain base64 in there and avoid the extra complication or just escaping the strings in an escaped hex representation Like this:
"\x32\xA9\xD9" see MSDN C++ Character Constants
Good enough security is all we can hope to obtain{1}, so if it accomplishes the security requirements needed, then it is a success.
Qualifications:
I have been programming C++ for nearly 20 years and working as a C/C++ Windows, Linux, and embedded device programer for more than 10 years. Probably not a very good critiquer.
{1} Secure Coding: Principles and Practices by Mark G. Graff and Kenneth R. Van Wyk
I think most is kind of a rough statement. Granted there were some truly gifted people in the 70's that rocked our world.
I think we have a LOT of research papers that we sift through and the legacy papers tend to stay highlighted in time. I can imagine if you sifted through everything that existed back then, you may be saying something similar.
I've found a few great ones and if you are heavy into software engineering, you may share the enthusiasm towards a book that came out several years ago: Greg Wilson - Making Software: What Works and Why we Believe it
He also has a talk where he references some of those papers: Greg Wilson talk
He comes off strong, but he backs it with research which I appreciate. It's more about bringing data to the table if you have something you'd like to discuss. Somewhat heavy handed, but there are good papers that I've read referenced there.
The continual evaluation of Conways law and it's research still holding true today is something that I continually enjoy (Although originating from a 1967 study reinforcing your point of seminal papers from that era)
I agree with Centurion89, but as an addition — if you want a good old fashioned book — check out Hacking: The art of exploitation by Jon Erickson. The title put me off at first, as it sounded a bit script kiddy-ish, but after having read a bit I find it very good.
Its focus is not reverse engineering per se, but it walks you through writing your first C program, disassembling it, explaining what happens where in memory. Very well explained. It has a lot of networking stuff that might not be that interesting from a reversing perspective, though.
I've skipped ahead while reading in the bathroom, legs falling asleep, and I found a part where you write a small web server and exploit it. What I found a bit impressive (Well, I might be easily impressed) is how the author walks you through improving the exploit.
At first, it gives you a shell, but leaves obvious lines in the server log and hijacks the main loop, refusing more connections. It is shown how to fix that, integrating manipulation of the log writing code and making the exploit code jump back to the main loop after doing it's dirty deal so the web server can start accepting connections again.
Disclaimer: I'm obviously very new to this too, and there probably are better books for reversing, but I think basic principles shared in this book also might be useful from a reversing perspective.
Thanks for the shoutout! The link is dead, but the official is here and Amazon is here.
@OP hacking games is what ignited my passion for coding. It allowed me to make things which were in line with my hobby--gaming--and quickly became my hobby itself. Whether or not you're a gamer, it's important to apply coding to whatever grabs your attention. When you go that route, you can be sure you'll have the drive to get better and make coding a way of life. Luckily for gamers who aspire to hack, game hacking is a popular industry and the techniques have reverse engineering baked right in, so it is a double whammy.
Learn to write simple C programs. Then debug your own C programs, preferably in OS X or Linux using gcc/gdb. Then disassemble your own C code (learn how to disable optimization in the compiler; try it with no optimizaiton and then with increasing levels). Then look at C++ and (gasp) Visual BASIC and such. Turns out a ton of malware is written in these languages, and the snarl of garbage that you'll uncover that is just part of the auto-generated message handling stuff for VB will astound you, so don't start there...but it's important to understand those structures when you see them.
Then follow tutorials about reversing other programs. There are great books on this.
It helps a lot to know assembly language, but you'll tend to pick it up as you go.
You'll want better tools than just command-line disassemblers. I prefer IDA Pro.
There's a great book that uses IDA Pro with many examples to address precisely your questions.
Here's another great book on malware analysis that covers all kinds of tricks you might bump into when working on real targets.
I see all this as a long-term iterative exercise. It's fascinating.
I'm in a similar position (besides having a nice cert ;), and what I'm going through right now is a combination of Lena's tutorials, and Reversing - Secrets of Reverse Engineering. The book actually seems like a really good "foundation" kind of book, since it spends the first 4 chapters or so going over the basics of compilers, operating systems, memory, etc. As for Lena's tutorials, it's hard for me to say because I've only finished a few, but I've heard good things about them. Good luck.
I'll tell it like it is. Most colleges don't really teach useful things these days in favor of giving you a broad education and emptying your wallet. You'd probably only have one or two courses on reverse engineering, if that. The best thing to do is probably learn it on your own and take whichever major of those you enjoy more. I recommend checking out this book for software RE. http://www.amazon.com/gp/product/0764574817/ref=as_li_ss_tl?ie=UTF8&camp=1789&creative=390957&creativeASIN=0764574817&linkCode=as2&tag=viewsite-20
I have some knowledge on assembly and RE (Win32), but I never really got that much deep into it. I learned things as I needed in order to do my stuff.
I think the important thing here is to have a solid understanding of the architecture you're working on (for example x86/x86_64), the OS internals, and C. Without this you are going to have a very unpleasant and even painful experience.
If you don't have it yet, take the time and learn it, and then go back to RE. It will be worth it and save you a lot of effort. If you already have it, then things shall come easier to you.
If you are using Windows, I highly recommend David A. Solomon's and Mark Russinovich's Windows Internals book. It's an unmatched resource about Windows and will help you greatly.
Hewardt also made the Advanced .NET Debugging book which is pretty great for that type of debugging.
https://www.amazon.com/Advanced-NET-Debugging-Mario-Hewardt/dp/0321578899
Given you're a CS student, I'll assume you have at least a passing enjoyment of video games. /u/nickcano has a great book on game hacking if you're looking for an avenue to intersect learning with an existing hobby.
https://www.amazon.com/Game-Hacking-Developing-Autonomous-Online/dp/1593276699&ved=0ahUKEwi4lq_2y5rZAhURM6wKHfXOB98Q5OUBCF0wBw&usg=AOvVaw18ufFhR9oBAwJTzgMW9gA3
"Source code fuzzers". Wow. Unless you're fuzzing a compiler/interpreter, it doesn't make any sense at all. Really, you should start by finding in Google about the subject.
In any case, I recommend you to read the book "The art of software security assessment" [1] and a Bug Hunter's Diary[2].
[1] http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426
[2] http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851
Voltage is important. You could be looking at "real" RS232 or something like TTL/CMOS UART. Additionally, there is no guarantee that the pins will be wired as they are in the cables you linked (especially if going to JST). Best practice would be to check ground continuity (while off) and voltage levels (while on) and use a logic analyzer on the inputs (eg. Haven't used this exact one, but it is a popular Chinese clone https://www.amazon.com/HiLetgo-Analyzer-Ferrite-Channel-Arduino/dp/B077LSG5P2/ref=mp_s_a_1_1?ie=UTF8&qid=1555138013&sr=1-1&pi=AC_SX236_SY340_FMwebp_QL65&dpPl=1&dpID=41wZsMYKyUL&ref=plSrch). Note that if you do find voltages in excess of 5 v, you are probably working with spec RS232 voltages and you should use a different logic analyzer than the one that I linked.
Chapter 3 - Windows fundamentals; Secrets of Reverse engineering by Eldad Eilam should be an easy high level overview of the subject. The rest of the book is a great resource too.
I'm in a similar situation and some resources that I'm finding really eye opening are Trailofbits CTF Guide and the book [The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities] (http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426).
I also find other people exploits and presentations inspiring in a sense :)
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation https://www.amazon.com/dp/1118787315 is very good and has a huge ARM part
this book has a good chapter on some of the anti RE techniques http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901/ref=sr_1_2?ie=UTF8&qid=1372962928&sr=8-2&keywords=malware+reverse+engineering
also check out http://opensecuritytraining.info/ReverseEngineeringMalware.html
the wiki file has some info that might help
regarding your legal question http://en.wikipedia.org/wiki/Reverse_engineering#United_States
https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
I rarely just recommend one source, since often authors have a specific take (say, a book might be targetted towards the academics, people who use a specific tool, or people who are doing some specific task) - but https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901 is absolutely incredible from every angle.
Follow that with learning kernel syscall/monitoring tools [procexp,procmon,the sysinternals suite], disassembly tools[IDA/radare/whatever], and a debugger[WinDBG] + Mark's book on Windows Internals 6th edition both volumes (it's long but its worth it). And youre well on your way.
For Linux/BSD, look at kernelnewbies for Linux and the online handbook for at least FreeBSD, ktrace/ptrace/truss/strace for the syscall analysis type stuff, IDA/radare/hopper all are cross platform so you're golden there, and perhaps calling conventions (cdecl vs what-not).
Thanks for the list. I've been recommended Reversing: Secrets of Reverse Engineering by a friend but it didn't make this list. Does anyone know why?
See also:
http://www.amazon.com/DCE-RPC-over-SMB-Internals/dp/1578701503
This is still one of my all time favorite books in R.E.
Which book is better for very begginers?
https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/
or
https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
I suppose you could just read Practical Reverse Engineering. The typical methods are explained there for reverse engineers. It's kind of an "arms race", so I doubt any one place will have a full set of up to date info. Also, companies who do this sort of thing will not usually be willing to outline exactly what they do and how they do it. Obviously, disclosing that would only help crackers.
http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?ie=UTF8&qid=1406820088&sr=8-1&keywords=practical+reverse+engineering
Took the course in December, studying and reading further in Practical Malware Analysis currently. Planning on sitting the exam sometime late February.
Have you worked through the loop detection in the Dragon Book? There are some slides on it here:
http://www.cs.cmu.edu/afs/cs/academic/class/15745-s03/public/lectures/L7_handouts.pdf
https://www.amazon.com/Advanced-Windows-Debugging-Mario-Hewardt/dp/0321374460
https://social.msdn.microsoft.com/forums/windowsdesktop/en-us/home?forum=windbg
http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?s=books&ie=UTF8&qid=1405264006&sr=1-1&keywords=practical+reverse+engineering
Hah. Just got my order of "Reversing: Secrets of Reverse Engineering" in recently. I'll have to finish that, first.