Reverse Engineering - WolvSec/Knowledge-Base GitHub Wiki
Reverse Engineering (Rev)
Reverse Engineering is the process of taking a piece of software or hardware and analyzing how it works so that its functionality and behavior can be understood, usually without access to its source code or design documents. It is critical when analyzing malware, or when trying to understand a system well enough to find vulnerabilities in it.
Prerequisite Knowledge
To be able to do rev you need:
- Knowledge of C programming
- Knowledge of computer architecture / assembly language
You don't need to be an expert in computer architecture to start doing rev. Just the basics and the rest you can learn as you go.
Static vs Dynamic Analysis
There are many ways of approaching reverse engineering. The two main ones are Static and Dynamic Analysis.
Dynamic Analysis
The art of analyzing and observing a program as it gets executed.
The main way of doing this is with a debugger like GDB: you set breakpoints, step through the program, and inspect registers and memory as it runs. Dynamic analysis shows you what the program actually does on a given input, but only along the code paths that input exercises.
Static Analysis
Analyzing a program statically means analyzing the binary without running it. It is done by disassembling the binary and reading the machine instructions the CPU would execute, or by decompiling them into an approximation of the original source. Static analysis lets you look at every code path, including ones that are hard to reach at run time, at the cost of having to reason about the behavior yourself.
Great tools to do this are Ghidra and IDA.
Other tools
Other great tools for reverse engineering include:
- Z3: an SMT (satisfiability modulo theories) solver, i.e. a constraint solver. You give it a set of variables and constraints (for rev, typically bit-vectors of the same width as the program's integer types, so arithmetic wraps the way it does in the binary) and it will return a set of values the variables can take to satisfy the constraints, or report that none exists.
- angr: a binary analysis framework, primarily used for its symbolic execution capabilities. It can explore a binary's paths automatically and uses a solver like Z3 under the hood to find inputs that reach a given state.