#1
Where to start? Where to go? The right reversing path (?)
Hello dear friends, I hope you can give me some advice on where to go, because I'm a little confused about how to create a good learning curve. I tried to search for a similar post so as not to make a new one, but I didn't find one.

I'm very interested in how things work, not only computers: mechanics, medicine, etc. 14 years ago I did a certification that led me to work where I like what I do, and plus it puts food on the table for my family. In that certification, in the 48-hour exam, they made me do a 32-bit shellcode (it was a MessageBox) and I had to exploit an overflow, bypassing ASLR on Vista.

Now I need to go deep down the rabbit hole, in coding and operating systems. I collected a lot of courses but none really satisfies me, because I never end up finishing any of them, so I'm here to ask for help on where to start. I want to learn how to use debuggers and understand the basics of reversing, but with a good base. I know bits of things, but I'm not as in depth as I would like to be.

In this post @blue_devil and @chessgod101 tried to help me and gave me assembly references to start: https://forum.exetools.com/showthread.php?p=127430

I'm watching Ricardo Narvaja's reversing courses, but I feel it's not enough, I'm not having FUN*. I don't know what I'm doing wrong. I was looking at all the old posts, and I'm very excited to be here in a forum with so many people who know a lot and are humble. I was hesitant to start this post because one should always try to find one's own path, but I'm really kind of stuck.

Thanks for reading,
Your forum buddy,
Rampage.
#2
Sure. I started myself with this book:
"Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System" - Reverend Bill Blunden.
Also: "Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks"
And "Windows Internals" (Series)

Though the first one is the best for getting into kernel land, if that is even what you want? The "Extreme Vulnerable Driver" will give you great hands-on practice. It comes with a huge collection of blogs that explain to you all the different flaws in the driver and how to exploit them on modern systems.

If you would rather stay in userland, then you may want to simply search for "Awesome *WHATEVER IT IS* Collection"s on GitHub; I'm sure it will help you find the things you're interested in.

Here is also a nice collection: "https://www.vx-underground.org/windows.html"
They also have a huge list of malware, so you can just google for reversing tuts.

Also on YouTube there are some channels I can recommend to you:
"Malware analysis for hedgehogs"
"OALabs"

Hope it helps
The Following User Says Thank You to vitriol For This Useful Post: RAMPage (04-02-2023)
#3
(Admittedly my experience is not a lot yet, I'm new to this, but this is what I've learned so far)

I'd say that it depends on what you want to do. Why do you want to reverse in the first place? Are you doing this to learn? For fun? Something else?

If I were you I'd forgo the courses and start simple, from the fundamentals. Assuming you know how to program, the various asm variants (e.g. x86 asm) you can learn as you go by writing simple programs in e.g. C, and tools like Godbolt (godbolt.org) will show you the resulting assembly, and helpfully mark which parts of the assembly map to a given line of code.

It could also be helpful to start with reversing some older programs that interest you (e.g. retro games) using a tool like Ghidra (or IDA if you prefer). Older programs tend to be a bit easier to understand when disassembled IMHO, though that's not always the case. As you start to get a feel for the patterns and calling convention (e.g. how a function is set up in x86 asm on Windows) you can "graduate" to more advanced programs like malware, that use more advanced techniques.

Hope I helped, and most of all, have fun!
The Following User Says Thank You to 0xDA7B01 For This Useful Post: RAMPage (04-16-2023)
#4
Quote:
I'm now reading @blue_devil's recommended book in "learning x32-64 with ubuntu", and it's going quite well. I have too many courses and materials but I need to start applying them to learn. Mmmm, I read The Rootkit Arsenal during the week (79 pages by now) and it's very interesting; it has very good references and history. Learning a lot and trying to eat more than I can.

Last edited by RAMPage; 04-16-2023 at 10:19. Reason: edited to follow the rules