I started from scratch on the formal CS side, with an emphasis on program analysis, and taught myself the following starting from 2007. If you're in the United States, I recommend BookFinder to save money buying these things used.

On the CS side:

• Basic automata/formal languages/Turing machines; Sipser is recommended here.
  
• Basic programming language theory; I used University of Washington CSE P505 online video lectures and materials and can recommend it.
  
• Formal semantics; Semantics with Applications is good.
  
• Compilers. You'll need several resources for this; my personal favorites for an introductory text are Appel's ML book or Programming Language Pragmatics, and Muchnick is mandatory for an advanced understanding. All of the graph theory that you need for this type of work should be covered in books such as these.
  
• Algorithms. I used several books; for a beginner's treatment I recommend Dasgupta, Papadimitriou, and Vazirani; for an intermediate treatment I recommend MIT's 6.046J on Open CourseWare; for an advanced treatment, I liked Algorithmics for Hard Problems.
  
  On the math side, I was advantaged in that I did my undergraduate degree in the subject. Here's what I can recommend, given five years' worth of hindsight studying program analysis:
  
  
• You run into abstract algebra a lot in program analysis as well as in cryptography, so it's best to begin with a solid foundation along those lines. There's a lot of debate as to what the best text is. If you're never touched the subject before, Gallian is very approachable, if not as deep and rigorous as something like Dummit and Foote.
  
• Order theory is everywhere in program analysis. Introduction to Lattices and Order is the standard (read at least the first two chapters; the more you read, the better), but I recently picked up Lattices and Ordered Algebraic Structures and am enjoying it.
  
• Complexity theory. Arora and Barak is recommended.
  
• Formal logic is also everywhere. For this, I recommend the first few chapters in The Calculus of Computation (this is an excellent book; read the whole thing).
  
• Computability, undecidability, etc. Not entirely separate from previous entries, but read something that treats e.g. Goedel's theorems, for instance The Undecidable.
  
• Decision procedures. Read Decision Procedures.
  
• Program analysis, the "accessible" variety. Read the BitBlaze publications starting from the beginning, followed by the BAP publications. Start with these two: TaintCheck and All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution. (BitBlaze and BAP are available in source code form, too -- in OCaml though, so you'll want to learn that as well.) David Brumley's Ph.D. thesis is an excellent read, as is David Molnar's and Sean Heelan's. This paper is a nice introduction to software model checking. After that, look through the archives of the RE reddit for papers on the "more applied" side of things.
  
• Program analysis, the "serious" variety. Principles of Program Analysis is an excellent book, but you'll find it very difficult even if you understand all of the above. Similarly, Cousot's MIT lecture course is great but largely unapproachable to the beginner. I highly recommend Value-Range Analysis of C Programs, which is a rare and thorough glimpse into the development of an extremely sophisticated static analyzer. Although this book is heavily mathematical, it's substantially less insane than Principles of Program Analysis. I also found Gogul Balakrishnan's Ph.D. thesis, Johannes Kinder's Ph.D. thesis, Mila Dalla Preda's Ph.D. thesis, Antoine Mine's Ph.D. thesis, and Davidson Rodrigo Boccardo's Ph.D. thesis useful.
  
• If you've gotten to this point, you'll probably begin to develop a very selective taste for program analysis literature: in particular, if it does not have a lot of mathematics (actual math, not just simple concepts formalized), you might decide that it is unlikely to contain a lasting and valuable contribution. At this point, read papers from CAV, SAS, and VMCAI. Some of my favorite researchers are the Z3 team, Mila Dalla Preda, Joerg Brauer, Andy King, Axel Simon, Roberto Giacobazzi, and Patrick Cousot. Although I've tried to lay out a reasonable course of study hereinbefore regarding the mathematics you need to understand this kind of material, around this point in the course you'll find that the creature we're dealing with here is an octopus whose tentacles spread in every direction. In particular, you can expect to encounter topology, category theory, tropical geometry, numerical mathematics, and many other disciplines. Program analysis is multi-disciplinary and has a hard time keeping itself shoehorned in one or two corners of mathematics.
  
• After several years of wading through program analysis, you start to understand that there must be some connection between theorem-prover based methods and abstract interpretation, since after all, they both can be applied statically and can potentially produce similar information. But what is the connection? Recent publications by Vijay D'Silva et al (1, 2, 3, 4, 5) and a few others (1 2 3 4) have begun to plough this territory.
  
• I'm not an expert at cryptography, so my advice is basically worthless on the subject. However, I've been enjoying the Stanford online cryptography class, and I liked Understanding Cryptography too. Handbook of Applied Cryptography is often recommended by people who are smarter than I am, and I recently picked up Introduction to Modern Cryptography but haven't yet read it.
  
  Final bit of advice: you'll notice that I heavily stuck to textbooks and Ph.D. theses in the above list. I find that jumping straight into the research literature without a foundational grounding is perhaps the most ill-advised mistake one can make intellectually. To whatever extent that what you're interested in is systematized -- that is, covered in a textbook or thesis already, you should read it before digging into the research literature. Otherwise, you'll be the proverbial blind man with the elephant, groping around in the dark, getting bits and pieces of the picture without understanding how it all forms a cohesive whole. I made that mistake and it cost me a lot of time; don't do the same.

That is a great list, just a few random comments.

Basics for discrete math, 6.042 is a nice resource, it has a free full open text book. While it's actually simpler than most of your links it actually gives a nice introduction to some of the formalisms you'll run into later.

CLRS is an amazing reference for just about anything you need. It's not a nice introduction to things but it will easily save your behind as a reference in a pinch.

My one real disagreement is your suggestion of abstract algebra book, I'm a fan of Algebra by artin. It's a bit rough, but you can usually pick up older versions fairly cheap and it comes with course notes. It can come with it's ocw counterpart. It's how I learned, and i personally think it's one of the better resources out there.

The more mature version of cousot's class is 6.820 which is a fairly good class but can actually take a while to get through the material if you don't have a friend to do it with. If you get through it, you will have one hell of a base.

For crypto, since i do love crypto probably a bit different, Stanford is a great class I suggest looking at My suggestions, start with

• Technically before Pitfalls by schneier, giving what the hell can go wrong.
  
  
• 6.857 it's got good course notes and will teach you the basics, and some notation. It also goes over the simple groups and osme older algorithms
  
  
  
• Matthew Green's blog is a great place to read about some concepts in simpler terms. It's more protocol based than it is algorithm based, but presents information in a digestible format.
  
  
• Understanding cryptography keeps on this and goes further than 857 does and continues on this journey
  
  
• A bit older but schneiers self study is an interesting set of reads. It gives you papers that help you build up to where to go next, what things will actually occur again and again.
  
  
• A bit more advanced cryptography course It goes further in depth than the stanford course, or 857. It goes further into ZKP than I believe really is needed but goes into some of the other concepts pretty well.
  
  
• This is my off the wall suggestion, Elliptic Curves
  Number Theory and Cryptography is one of the best books I've read on EC yet. It's approachable and actually does an amazing job. If you want checks with it, try the psets here
  
  
  Just a few supplementary suggestions.
  
  You gave a great list, an absolutely a amazing roadmap

If anyone has any trouble with something in the walk-through as far as needing clarification or they are attempting to do it themselves and find I messed up somewhere, please let me know! Thank you.

The binary can be found on my github: https://github.com/emtuls/ctf/tree/master/2018-hacktober.org/Binary_Analysis/binaries -> Larry.out


For anyone that needs resources for learning Reverse Engineering, I can provide you with a baseline that I would recommend starting with. Eventually, I plan on making my own set of tutorials...but that's in the works.

x86 Assembly:


If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.


A few good books would be:

• Hacking: The Art of Exploitation I am a huge advocate for this book. I learned a lot from this and have read it multiple times. It is written very well and teaches someone with no experience how to do C programming and assembly. This is mainly a book for learning exploitation/vulnerability research, but that can play hand and hand with Reverse Engineering. It will show you the assembly language break down of basic exploits and this can help you with RE.
  
  
• Practical Reverse Engineering I read through the beginning of this book and it gave me some good foundations of understanding memory and computer architecture for RE along with assembly of course
  
  
• Secrets of Reverse Engineering This book is a bit in depth, but the beginning gives another good foundation for Comp Architecture and assembly stuff.
  
  
• The IDA Pro Book Haven't personally read this book yet, but I have been told it is the defacto standard for learning IDA Pro, and it has examples you can learn from.
  
  Hands On:
  
  
  
• Legend of Random Very useful hands on with tutorials. Mainly based on cracking, but that requires reverse engineering. Highly recommend this!
  
  
• Lenas Tutorials Again, another awesome hands on tutorial, mostly based on cracking as well.
  
  
• Crackmes These are more of challenges once you start to have a little understanding down
  
  Courses:
  
  Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
  
  
  
• Basic Dynamic Analysis
  
• Real World Decompilation There are a few videos to this series and he disassembles a game, definitely nice to learn from.
  
  
  Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.

To make a long story short, at a quick glance I see:

He has created a hashing function by shuffling the character map used in a base64 encoding.

He proposes running a file containing a list of your literal string list through this application command line app, which outputs a header file, like this, ready to include containing the encoded strings and decryption key (Base64 character map) defined as macros.

The generated macros defines take this format:

define INTRO_STRING GetDecryptedString("UCcFEN/FEN/cMv19EmJpl4kpEm1NgYiGebj3")

Critique:

This looks to accomplish it's task of providing obfuscation literal strings. There could be a number of different ways to accomplish this with varying pros and cons. Other strategies may already exist, be easier, and have polished tools.

One pro of this approach is that the strings are not decrypted until used. That could also be a con since each string must be decrypted each time it is accessed.

Another possible con is that the key must be kept with the encoded hashes, but possibly the whole idea was to just withhold the key, but this would likely make the code uncompilable or function incorrectly depending on how the strings are used and handling is done without a key.

Securely encrypted strings seems to not be a requirement of this project. Since that is the case, it seems the shuffling of the base64 seems a pointless step that merely forces possessors of the code to do more than just plot the string in an online base64 decoder. One could more easily just plop plain base64 in there and avoid the extra complication or just escaping the strings in an escaped hex representation Like this:

"\x32\xA9\xD9" see MSDN C++ Character Constants

Good enough security is all we can hope to obtain{1}, so if it accomplishes the security requirements needed, then it is a success.

Qualifications:

I have been programming C++ for nearly 20 years and working as a C/C++ Windows, Linux, and embedded device programer for more than 10 years. Probably not a very good critiquer.

{1} Secure Coding: Principles and Practices by Mark G. Graff and Kenneth R. Van Wyk

I think most is kind of a rough statement. Granted there were some truly gifted people in the 70's that rocked our world.

I think we have a LOT of research papers that we sift through and the legacy papers tend to stay highlighted in time. I can imagine if you sifted through everything that existed back then, you may be saying something similar.

I've found a few great ones and if you are heavy into software engineering, you may share the enthusiasm towards a book that came out several years ago: Greg Wilson - Making Software: What Works and Why we Believe it

He also has a talk where he references some of those papers: Greg Wilson talk

He comes off strong, but he backs it with research which I appreciate. It's more about bringing data to the table if you have something you'd like to discuss. Somewhat heavy handed, but there are good papers that I've read referenced there.

The continual evaluation of Conways law and it's research still holding true today is something that I continually enjoy (Although originating from a 1967 study reinforcing your point of seminal papers from that era)

I agree with Centurion89, but as an addition — if you want a good old fashioned book — check out Hacking: The art of exploitation by Jon Erickson. The title put me off at first, as it sounded a bit script kiddy-ish, but after having read a bit I find it very good.

Its focus is not reverse engineering per se, but it walks you through writing your first C program, disassembling it, explaining what happens where in memory. Very well explained. It has a lot of networking stuff that might not be that interesting from a reversing perspective, though.

I've skipped ahead while reading in the bathroom, legs falling asleep, and I found a part where you write a small web server and exploit it. What I found a bit impressive (Well, I might be easily impressed) is how the author walks you through improving the exploit.

At first, it gives you a shell, but leaves obvious lines in the server log and hijacks the main loop, refusing more connections. It is shown how to fix that, integrating manipulation of the log writing code and making the exploit code jump back to the main loop after doing it's dirty deal so the web server can start accepting connections again.

Disclaimer: I'm obviously very new to this too, and there probably are better books for reversing, but I think basic principles shared in this book also might be useful from a reversing perspective.

I have some knowledge on assembly and RE (Win32), but I never really got that much deep into it. I learned things as I needed in order to do my stuff.
I think the important thing here is to have a solid understanding of the architecture you're working on (for example x86/x86_64), the OS internals, and C. Without this you are going to have a very unpleasant and even painful experience.
If you don't have it yet, take the time and learn it, and then go back to RE. It will be worth it and save you a lot of effort. If you already have it, then things shall come easier to you.
If you are using Windows, I highly recommend David A. Solomon's and Mark Russinovich's Windows Internals book. It's an unmatched resource about Windows and will help you greatly.

Hewardt also made the Advanced .NET Debugging book which is pretty great for that type of debugging.

https://www.amazon.com/Advanced-NET-Debugging-Mario-Hewardt/dp/0321578899

"Source code fuzzers". Wow. Unless you're fuzzing a compiler/interpreter, it doesn't make any sense at all. Really, you should start by finding in Google about the subject.

In any case, I recommend you to read the book "The art of software security assessment" [1] and a Bug Hunter's Diary[2].

[1] http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426

[2] http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851

/u/igor_sk and /u/andyac posted some great resources. I'd also like to point out that the IDA Pro Book goes into more than a few details about embedded firmware reversing throughout the book.

See also:

http://www.amazon.com/DCE-RPC-over-SMB-Internals/dp/1578701503

This is still one of my all time favorite books in R.E.

Have you worked through the loop detection in the Dragon Book? There are some slides on it here:

http://www.cs.cmu.edu/afs/cs/academic/class/15745-s03/public/lectures/L7_handouts.pdf

Does anyone have any experience with the serial protocol on iFIT modules like this one? I'm specifically trying to RE the serial protocol out of the module on the "BRAIN" connector of the treadmill mobo. I've seen telnet hacks, but you have to subscribe to a service to even configure wifi on the stupid thing.