
Reverse Engineering Guide for Beginners: Methodology and tools - febin
https://0x00sec.org/t/re-guide-for-beginners-methodology-and-tools/2242
======
SonOfLilit
Reversing is an art more than a science, and the most important things to
learn are not tools of the trade but habits of thought and approaches to
problem solving.

I appreciate what this guy is doing by documenting his learning process, it
will help him without doubt, but... as an audience - perhaps we should not
learn a difficult skill from someone who started their own journey into this
subject a few days ago?

~~~
akiselev
There's another demographic who I think would find this useful: people who
used to do reverse engineering decades ago but moved on to software
development. Cracking software I couldn't afford as a kid was what got me into
programming and I'd love to pick it back up but time is limuted. Figuring out
which tools to use by scouring Russian forums and random little hole in the
wall RE sites was fun but it's great to have an up to date resource. That it
comes with a beginner's perspective is quite useful since it's less likely to
skip small details that an experienced reverse engineer would find second
nature.

~~~
SonOfLilit
Except the tools he recommends are definitely not the standard ones
professionals use these days.

------
xvilka
It doesn't recommend radare2[1] and Cutter[2], which are free and opensource.

[1] [http://rada.re](http://rada.re)

[2] [https://github.com/radareorg/cutter](https://github.com/radareorg/cutter)

------
inetsee
HN comments from an earlier posting.
[https://news.ycombinator.com/item?id=14537506](https://news.ycombinator.com/item?id=14537506)

------
cdnsteve
Curious, are there specific security engineer professionals that do this type
of work day to day? Doesn't seem like a regular security analyst type role.
Seems very specialized. What is the field like, compensation and is this
generally for consultants?

~~~
SonOfLilit
Reverse engineering is one of the core skills employed in vulnerability
research. If I'd glance behind the shoulder of a security researcher and not
see an IDA or OllyDbg window open, I'd be very surprised.

~~~
hguant
Immunity debugger is quite useful as well.

Of course, if you really hate yourself, GDB on Windows is a thing...

~~~
SonOfLilit
If you're looking for a tool professionals actually use every day that
requires you to hate yourself, WinDbg scores higher on both counts

~~~
timbatron
What's wrong with WinDbg?

~~~
luch
Their scripting engine is probably the worst programming language I have
encountered (perl is readable by comparison).

That's why I was really extatic when Windbg devs introduced a standard script
engine, only to learn later on that was JavaScript ...

~~~
timbatron
Any specific complaint with JavaScript as the choice? The biggest downside I'm
aware of it's the lack of direct support for 64bit numbers. What language
would you have preferred? Python maybe?

~~~
luch
Javascript is actually a sane choice for extending a debugger (event-based,
async calls builtins, etc.) it's just that I'm not familiar with :p

I would have expected Windows to go with Powershell as their scripting engine,
that's why I was surprised with Javascript.

