
Reverse Engineering for Beginners: Free book - galapago
http://beginners.re/
======
kqr2
For understanding the stack frame layout on x86-64, I found this post to be
quite useful:

[http://eli.thegreenplace.net/2011/09/06/stack-frame-
layout-o...](http://eli.thegreenplace.net/2011/09/06/stack-frame-layout-
on-x86-64/)

~~~
wslh
You can also take a look at one article from my company: "64-bit Microsoft
Office Applications Do Not Like Stack Walking" [1]

[1] [http://blog.nektra.com/main/2014/04/23/64-bit-microsoft-
offi...](http://blog.nektra.com/main/2014/04/23/64-bit-microsoft-office-
applications-do-not-like-stack-walking/)

------
j_s
Reverse engineering has come up a few times in the past few months:

Automated reverse engineering (of DRM) -
[https://news.ycombinator.com/item?id=7989490](https://news.ycombinator.com/item?id=7989490)

Open-source debugger for Windows -
[https://news.ycombinator.com/item?id=8092273](https://news.ycombinator.com/item?id=8092273)

------
newaccountfool
After just visiting DEFCON and watching all the teams partake in CTF, this is
what I want to learn. This is computing.

~~~
gbarboza
As a regular CTF competitor for over 4 years now, I cannot emphasize the value
in simply playing CTFs if you really want to learn this stuff. So many people
seem to think there's a secret manual laying around that teaches you all that
is involved in going from a compiled binary to a shell. The referenced book
should be used as a resource for when you come across a new topic and need
some help. If you want to get started here are some useful links.

[http://smashthestack.org/](http://smashthestack.org/)

[https://ctftime.org/](https://ctftime.org/)

[http://overthewire.org/wargames/](http://overthewire.org/wargames/)

[http://repo.shell-storm.org/CTF/](http://repo.shell-storm.org/CTF/)

[https://github.com/ctfs/write-ups](https://github.com/ctfs/write-ups)

~~~
bigtunacan
Sorry for the n00bish question, but I've never done any reversing. What does
CTF stand for?

~~~
walls
"Capture The Flag", typically the challenges will have a "flag" hidden
somewhere that you have to locate.

~~~
bigtunacan
Gotcha; that is what came to mind from playing FPS games, but figured it was
probably something different in this context.

Thanks.

------
ryanmerket
Takes me back to high school. I used to sit in my room for hours working on
keygennerators.

~~~
thejay
Same here. The good old days spent hanging in Fravia+, Woodmann and RETeam's
forums..

------
luckyno13
I have been contemplating taking up coding in my spare time, especially after
the post about turning the $200 Chromebook into an el cheapo learning machine.
This could be the starting block I have been searching for.

~~~
taejo
Reverse engineering is probably _not_ the place to learn to code.

~~~
phaus
For high level languages, you are correct. However, lots of people learn
assembly as they are learning to reverse engineer software.

That being said, I don't think the $200 Chromebook is going to cut it.
Eventually he's going to want to run a Windows VM.

~~~
luckyno13
This is more of a knowledge expansion endeavor rather than career endeavor.
Something to tinker with on the side was the appeal of the Ubuntu'd Chromebook
in a threat here last week.

As far as learning and reversing goes, it has often been helpful to see how
something is working while also attempting to make it work for me.

~~~
phaus
You should still be able to learn quite a bit with just the Chromebook. After
reading the article, I'm thinking about getting one myself so I can get back
into learning web development again.

Did you end up buying the Acer C720?

~~~
luckyno13
Not quite yet. I usually wait until the semester is in full swing before I
make purchases. Both for time and money's sake.

That will be the one I more than likely go with. I was worried about 2GB of
RAM coming from a Windows background, 2GB isnt anything. But apparently it
runs fine in Ubuntu.

------
middleclick
I remember how I spent a summer going through Lenas videos tutorials (look
them up). They were really good and I learned a lot. Reverse engineering is an
addictive thing.

------
codygman
Is there a good reversing toolset for linux? For instance this book recommends
a windows only tool called Ida.

~~~
adamnemecek
It's not Windows only

[https://www.hex-rays.com/products/ida/debugger/index.shtml](https://www.hex-
rays.com/products/ida/debugger/index.shtml)

it's still somewhat expensive though.

------
checker659
Does anyone know of a tool that can dump C++ vtables from 64 bit macho files?

~~~
xvilka
You can try this [https://github.com/lvc/vtable-
dumper](https://github.com/lvc/vtable-dumper) or even modify it for your needs

