• Version
• Download 1063
• File Size 6.52 MB
• File Count 1
• Create Date August 28, 2014
• Last Updated April 19, 2022

DO YOU WANT TO BECOME AN IT SEC MASTER? READ HAKIN9′S REVERSE ENGINEERING COMPENDIUM!

Dear Readers,

We would like to introduce a brand new compendium made by Hakin9. This time you will deal with reverse engineering. It is the process of exploration products such as computer devices or software to analyze how it is working and how it is made at all. Or try to make a new product working in the same way but without duplication of the original.

With our new Reverse Engineering Compendium you will lear different types of reverse engineering techniques, the tools such as debbugers. Furthermore you will read a bit about malware reverse engineering. We are also sure that Reverse It Yourself chapter will allow you to understand basics of reverse enginnering, and will be a great guide to start your adventure with it.

We hope our step-by-step tutorials written by experts will turn you into professional reverse engineers!

Inside:

THE TOOLS

How to Analyze Applications With Olly Debugger?

By Jaromir Horejsi, Malware Analyst at AVAST Software

When you write your own programs and you would like to change or modify some of their functions, you simply open the source code you have, make desired changes, recompile and your work is done. However, you don’t need to have source code to modify function of a program – using specialized tools, you can understand a lot from program binary file, you can add your new functions and features and you can also modify and alter its behavior. Process of analyzing computer program’s structure, functions and operations without having a source code available is called reverse engineering.

How to use Socat and Wireshark for Practical SSL Protocol Reverse Engineering?

By Shane R. Spencer, Information Technology Professional

Secure Socket Layer (SSL) Man-In-the-Middle (MITM) proxies have two very specific purposes. The first is to allow a client with one set of keys to communicate with a service that has a different set of keys without either side knowing about it. This is typically seen as a MITM attack but can be used for productive ends as well. The second is to view the unencrypted data for security, educational, an reverse engineering purposes. For instance, a system administrator could set up a proxy to allow SSL clients that don’t support more modern SSL methods or even SSL at all to get access to services securely. Typically, this involves having the proxy set up behind your firewall so that unencrypted content stays within the confines of your local area.

How to Disassemble and Debug Executable Programs on Linux, Windows and Mac OS X?

By Jacek Adam Piasecki, Tester/Programmer

The Interactive Disassembler Professional (IDA Pro) is an extremely powerful disassembler distributed by Hex-Rays. Although IDA Pro is not the only disassembler, it is the disassembler of choice for many malware analysts, reverse engineers, and vulnerability analysts.

MALWARE REVERSE ENGINEERING

Malware Reverse Engineering

By Bamidele Ajayi, OCP, MCTS, MCITP EA, CISA, CISM

Reverse engineering is a vital skill for security professionals. Reverse engineering malware to discovering vulnerabilities in binaries are required in order to properly secure Information Systems from today’s ever evolving threats.

Android Reverse Engineering: An Introductory Guide to Malware Analysis

By Vicente Aguilera Diaz, CISA, CISSP, CSSLP, PCI ASV, ITIL Foundation, CEH|I, ECSP|I, OPSA

The Android malware has followed an exponential growth rate in recent years, in parallel with the degree of penetration of this system in different markets. Currently, over 90% of the threats to mobile devices have Android as a main target. This scenario has led to the demand for professionals with a very specific knowledge on this platform.

Deep Inside Malicious PDF

By Yehia Mamdouh, Founder and Instructor of Master Metasploit Courses, CEH, CCNA

Nowadays People share documents all the time and most of the attacks based on client side attack and target applications that exist in the user, employee OS, from one single file the attacker can compromise a large network. PDF is the most sharing file format, due to PDFs can include active content, passed within the enterprise and across Networks. In this article we will make Analysis to catch Malicious PDF files.

REVERSE ENGINEERING TECHNIQUES

How to Identify and Bypass Anti-reversing Techniques?

By Eoin Ward, Security Analyst – Anti Malware at Microsoft

Learn the anti-reversing techniques used by malware authors to thwart the detection and analysis of their precious malware. Find out about the premier shareware debugging tool Ollydbg and how it can help you bypass these anti-reversing techniques.This article aims to look at anti-reversing techniques used in the wild. These are tricks used by malware authors to stop or impede reverse engineers from analysing there files.

How to Defeat Code Obfuscation While Reverse Engineering?

By Adam Kujawa, Malware Intelligence Analyst at Malwarebytes

Have you ever decompiled malware or another application and found nothing but a small amount of code and lots of junk? Have you ever been reading decompiled code only to watch it jump into a section that does not exist? If you have been in either of these situations, chances are you were dealing with obfuscated code or a packed binary. Not all is lost however, as getting around these methods of code protection is not impossible. However, all obfuscated code must be de-obfuscated before it can run. Keeping this in mind, it is possible to decrypt, de-obfuscate and unpack every line of code in every kind of program, the trick is simply knowing how.

Reverse Engineering – Shellcodes Techniques

By Eran Goldstein, CEH, CEI, CISO, Security+, MCSA, MCSE Security

The concept of reverse engineering process is well known, yet in this article we are not about to discuss the technological principles of reverse engineering but rather focus on one of the core implementations of reverse engineering in the security arena. Throughout this article we’ll go over the shellcodes’ concept, the various types and the understanding of the analysis being performed by a “shellcode” for a software/program.

REVERSE IT YOURSELF

How to Reverse the Code?

By Raheel Ahmad, Writer – Information Security Analyst & eForensics at Hakin9

Although revealing the secret is always an appealing topic for any audience, Reverse Engineering is a critical skill for programmers. Very few information security professionals, incident response analysts and vulnerability researchers have the ability to reverse binaries efficiently. You will undoubtedly be at the top of your professional field (Infosec Institute).

It is like finding a needle in a dark night. Not everyone can be good at decompiling or reversing the code. I can show a roadmap to successfully reverse the code with tools but reverse engineering requires more skills and techniques.

How to Reverse Engineer dot NET Assemblies

By Soufiane Tahiri, InfoSec Institute Contributor and Computer Security Researcher

The concept of dot NET can be easily compared to the concept of JAVA and Java Virtual Machine, at least when talking about compilation. Unlike most of traditional programming languages like C/C++, application were developed using dot NET frameworks are compiled to a Common Intermediate Language (CIL or Microsoft Common Intermediate Language MSIL) – which can be compared to bytecode when talking about Java programs – instead of being compiled directly to the native machine executable code, the Dot Net Common Language Runtime (CLR) will translate the CIL to the machine code at runtime. This will definitely increase execution speed but has some advantages since every dot NET program will keep all classes’ names, functions’ names variables and routines’ names in the compiled program. And this, from a programmer’s point of view, is such a great thing since we can make different parts of a program using different programming languages available and supported by frameworks.

Reversing with Stack-Overflow and Exploitation

By Bikash Dash, RHCSA, RHCE, CSSA

The prevalence of security holes in program and protocols, the increasing size and complexity of the internet, and the sensitivity of the information stored throughout have created a target-rich environment for our next generation advisory. The criminal element is applying advance technique to evade the software/tool security. So the Knowledge of Analysis is necessary. And that pin point is called “The Art Of Reverse Engineering”

How to Reverse Engineer?

By Lorenzo Xie, The owner of XetoWare.COM

If you are a programmer, software developer, or just tech savvy, then you should have heard about reverse engineering and know both its good and evil side. Just in case, here is a brief introduction for those who don’t know what it is. In this article, we are going to talk about RCE, also known as reverse code engineering. Reverse code engineering is the process where the code and function of a program is modified, or may you prefer: reengineered without the original source code. For example, if a software programmer has created a program with a bug, does not release a fix, then an experienced end user can reverse engineer the application and fix the bug for everyone using the program. Sounds helpful doesn’t it?

Write Your Own Debugger

By Amr Thabet, malware Researcher at Q-CERT, ictQUATAR

Do you want to write your own debugger? … Do you have a new technology and see the already known products like OllyDbg or IDA Pro don’t have this technology? … Do you write plugins in OllyDbg and IDA Pro but you need to convert it into a separate application? … This article is for you.In this article, I’m going to teach you how to write a full functional debugger using the Security Research and Development Framework (SRDF) … how to disassemble instructions, gather Process Information and work with PE Files … and how to set breakpoints and work with your debugger.

Attached Files