awesome-reversing
A curated list of awesome reversing resources
Books
Reverse Engineering Books
- The IDA Pro Book
- Reverse Engineering for Beginners
- Assembly Language for Intel-Based Computers (5th Edition)
- Practical Reverse Engineering
- Reversing: Secrets of Reverse Engineering
- Practical Malware Analysis
- Malware Analyst's Cookbook
- Gray Hat Hacking
- The Art of Memory Forensics
- Hacking: The Art of Exploitation
- Fuzzing for Software Security
- Art of Software Security Assessment
- The Antivirus Hacker's Handbook
- The Rootkit Arsenal
- Windows Internals Part 1 Part 2
- Inside Windows Debugging
- iOS Reverse Engineering
- The Shellcoder's Handbook
- A Guide to Kernel Exploitation
- Agner's software optimization resources
- Learning Malware Analysis
- Binary Analysis
- Rootkits and Bootkits
- Serious Cryptography
Courses
Reverse Engineering Courses
- Lenas Reversing for Newbies
- Open Security Training
- Dr. Fu's Malware Analysis
- Binary Auditing Course
- TiGa's Video Tutorials
- Legend of Random
- Practical Malware Analysis
- Modern Binary Exploitation
- RPISEC Malware Course
- begin.re
- RE101
- RE102
- ARM Assembly Basics
- Offensive and Defensive Android Reversing
Channels
Binary Analysis Channels
- OALabs
- MalwareTech
- GynvaelEN
- VirusBtn
- Intro to WinDBG
- hasherezade
- Colin Hardy
- MalwareAnalysisHedgehog
Practice
Practice Reverse Engineering. Be careful with malware.
- Crackmes.de
- OSX Crackmes
- ESET Challenges
- Flare-on Challenges
- GitHub CTF Archives
- Reverse Engineering Challenges
- xorpd Advanced Assembly Exercises
- Virusshare.com
- Contagio
- Malware-Traffic-Analysis
- Malshare
- Malware Blacklist
- malwr.com
- vxvault
Hex Editors
Hex Editors
Binary Format
Binary Format Tools
- CFF Explorer
- Cerbero Profiler // Lite PE Insider
- Detect It Easy
- PeStudio
- PEiD
- PPEE
- MachoView
- nm - View Symbols
- file - File information
- codesign - Code signing information. Usage: codesign -dvvv filename
Disassemblers/Decompilers
Disassemblers/Decompilers
Binary Analysis
Binary Analysis Resources
Bytecode Analysis
Bytecode Analysis Tools
Import Reconstruction
Import Reconstruction Tools
Dynamic Analysis
Dynamic Analysis Tools
- ProcessHacker
- Process Explorer
- Process Monitor
- Autoruns
- Noriben
- API Monitor
- iNetSim
- Wireshark
- Fakenet
- netzob
- Volatility
- Dumpit
- LiME
- Cuckoo
- Objective-See Utilities
- Xcode Instruments - Xcode Instruments for monitoring files and processes; User Guide
- dtrace - sudo dtruss (the equivalent of strace); dtrace recipes
- fs_usage - report system calls and page faults related to filesystem activity in real-time. File I/O: fs_usage -w -f filesystem
- dmesg - display the system message buffer
Debugging
Debugging Tools
- WinDbg
- OllyDbg v1.10
- OllyDbg v2.01
- OllySnD
- Olly Shadow
- Olly CiMs
- Olly UST_2bg
- x64dbg
- gdb
- vdb
- lldb
- qira
- unicorn
Mac Decrypt
Mac Decrypting Tools
- Cerbero Profiler - Select all -> Copy to new file
- AppEncryptor - Tool for decrypting
- Class-Dump - use deprotect option
- readmem - OS X Reverser's process dumping tool
Document Analysis
Document Analysis Tools
Scripting
Scripting
- IDA Python Src
- IDC Functions Doc
- Using IDAPython to Make your Life Easier
- Introduction to IDA Python
- The Beginner's Guide to IDA Python
- IDA Plugin Contest
- onehawt IDA Plugin List
- pefile Python Library
- Ghidra Ninja
Android
Android tools
Yara
Yara Resources