Processes & Memory - WolvSec/Knowledge-Base GitHub Wiki

Hexadecimal (hex)

You will want to get very familiar with representing values in their hex form. Most debuggers (such as GDB) and reverse engineering tools (like Ghidra) use this notation. Try the following in a Python shell:

>>> hex(65)
'0x41'
>>> chr(0x41)
'A'

Endianness

Most computers store variables in the little-endian format. This can be counterintuitive at first. Consider a 4-byte integer: the least significant byte is actually stored first, at the lowest address. This is a landmine for many people new to security!

Endianness Diagram
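
The layout described above, worked through in Python. This is an added example, not part of the original wiki; the base address 0x1000, the helper names and the 10-byte `SNAPSHOT` record are constructed for illustration. It also shows that byte order only applies inside each multi-byte integer, while a character array stays in address order.

```python
import struct

def memory_layout(value, base_addr=0x1000, size=4, byteorder="little"):
    """Return [(address, byte)] pairs showing where each byte of value lands."""
    raw = value.to_bytes(size, byteorder)
    return [(base_addr + i, b) for i, b in enumerate(raw)]

def byte_dump(memory):
    """Render bytes in increasing address order, as a byte-wise hex dump does."""
    return " ".join(f"{b:02x}" for b in memory)

def read_int(memory, offset=0, size=4, byteorder="little"):
    """Reassemble an integer from raw memory, as a word-sized debugger view does."""
    return int.from_bytes(memory[offset:offset + size], byteorder)

def parse_snapshot(snapshot):
    """Decode a constructed 10-byte record: uint32, uint16, then a 4-byte string.

    Endianness only reorders the bytes inside each multi-byte integer;
    the character array keeps its bytes in address order.
    """
    number, port, tag = struct.unpack_from("<IH4s", snapshot)
    return number, port, tag

# Constructed sample memory: 0x41424344, 0x1f90, b"ABCD" on a little-endian machine.
SNAPSHOT = bytes.fromhex("44434241" "901f" "41424344")

if __name__ == "__main__":
    # One line per address: the least significant byte (0x44) sits at 0x1000.
    for addr, b in memory_layout(0x41424344):
        print(f"{addr:#06x}: {b:02x}")
    print(byte_dump(SNAPSHOT))
    print([hex(v) if isinstance(v, int) else v for v in parse_snapshot(SNAPSHOT)])
    # The same four bytes read with the wrong byte order give a different value.
    print(hex(read_int(b"ABCD")), hex(read_int(b"ABCD", byteorder="big")))
```
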

Process Layout

Process Diagram

Notice how:

  • The stack grows downwards and the heap grows upwards
  • Each process has its own virtual memory, starting from address 0