Reverse Engineering
Reverse Engineering is the process of taking a piece of software or hardware and analyzing it so that its functionality and behavior can be understood. It is critical when dealing with malware, or when trying to understand a system in order to find vulnerabilities in it.
To be able to do rev you need:
- Knowledge of C programming
- Knowledge of computer architecture / assembly language
You don't need to be an expert in computer architecture to start doing rev. The basics are enough, and the rest you can learn as you go.
There are many ways of approaching reverse engineering. The two main ones are Static and Dynamic Analysis.
Dynamic analysis is the art of analyzing and observing a program as it gets executed.
The main way of doing this is with a debugger like GDB.
Analyzing a program statically means analyzing the binary without running it. It is done by looking directly at the code and the instructions executed by the CPU.
Great tools to do this are Ghidra and IDA.
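As a small illustration of static analysis (an added example, not part of the original page), the C program below reads the header of an ELF file, the executable format used on Linux, from raw bytes without running anything. The names `elf_parse`, `rd`, `struct elf_info` and `SAMPLE` are made up for this example, and the sample header is constructed by hand.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Fields a first static look at an ELF file usually starts with. */
struct elf_info {
    int bits;          /* 32 or 64 */
    int little_endian; /* 1 = LSB first, 0 = MSB first */
    uint16_t type;     /* 2 = ET_EXEC, 3 = ET_DYN (PIE or shared object) */
    uint16_t machine;  /* 0x3e = x86-64, 0x28 = ARM, 0xb7 = AArch64 */
    uint64_t entry;    /* virtual address of the first instruction */
};

/* Read an n-byte unsigned integer in the file's own byte order. */
static uint64_t rd(const unsigned char *p, int n, int le) {
    uint64_t v = 0;
    for (int i = 0; i < n; i++)
        v |= (uint64_t)p[le ? i : n - 1 - i] << (8 * i);
    return v;
}

/* Parse the ELF header in buf; returns 0 on success, -1 if malformed. */
int elf_parse(const unsigned char *buf, size_t len, struct elf_info *out) {
    if (len < 16 || memcmp(buf, "\x7f" "ELF", 4) != 0) return -1;
    if (buf[4] != 1 && buf[4] != 2) return -1;   /* EI_CLASS */
    if (buf[5] != 1 && buf[5] != 2) return -1;   /* EI_DATA */
    out->bits = buf[4] == 1 ? 32 : 64;
    out->little_endian = buf[5] == 1;
    size_t addr = (size_t)out->bits / 8;         /* size of an address field */
    if (len < 24 + addr) return -1;              /* truncated header */
    out->type    = (uint16_t)rd(buf + 16, 2, out->little_endian);
    out->machine = (uint16_t)rd(buf + 18, 2, out->little_endian);
    out->entry   = rd(buf + 24, (int)addr, out->little_endian);
    return 0;
}

/* Constructed sample: start of a 64-bit little-endian x86-64 PIE header. */
static const unsigned char SAMPLE[] = {
    0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* e_ident */
    0x03, 0x00, 0x3e, 0x00,                  /* e_type, e_machine */
    0x01, 0x00, 0x00, 0x00,                  /* e_version */
    0x60, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 /* e_entry = 0x1060 */
};

int main(void) {
    struct elf_info e;
    if (elf_parse(SAMPLE, sizeof SAMPLE, &e) != 0) return 1;
    printf("%d-bit type=%u machine=0x%x entry=0x%llx\n", e.bits,
           (unsigned)e.type, (unsigned)e.machine, (unsigned long long)e.entry);
    return 0;
}
```

The entry address it reports is where a disassembler starts decoding and where a first debugger breakpoint is commonly placed.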
Other great tools for reverse engineering include: