Ask HN: What books/tutorials/articles to read to get into reverse engineering? - mlejva
======
jamieweb
I've been picking up the basics in the past few months - I started out with
playing around with some open source tools (radare2/Cutter), and then watching
Josh Stroschein's introductory course on PluralSight [1]. The course is more
Windows oriented but that's alright for the basics.

Then, I asked my friend to make me a really basic CrackMe challenge [2].
Solving this was where most of the real learning took place.

The tool I have been learning is Cutter [3], which is the official GUI for
radare2. It's a feature-rich and open-source tool that allows you to reverse
engineer without the licensing/price restrictions of the more well-known
paid/closed-source tools.

To help concrete this new knowledge, I'm currently working on a 3-part
introduction to reverse engineering with Cutter series, part 1 of which is out
so far [4].

Something that I've found very useful for learning is to analyse your own
binary rather than someone else's. Just write basic C++ programs ("What's your
name?", calculator, etc - almost as if you're learning programming from
scratch again), compile and then reverse engineer them.

Having full knowledge of what the binary does and how it works allows you to
focus on understanding the technical details (registers, stack, etc) rather
than jumping straight in at the deep end with a mystery binary. Once you've
got your head around how a basic binary works, the knowledge is very
transferable to binaries where you _don't_ have the source code.

[1] [https://www.pluralsight.com/courses/reverse-engineering-gett...](https://www.pluralsight.com/courses/reverse-engineering-getting-started)

[2] [https://github.com/jamieweb/crackme-challenge](https://github.com/jamieweb/crackme-challenge)
__Looking at source.cpp may reveal the solution, so be careful! Get a trusted
friend to audit the code first if you are concerned about its legitimacy.__

[3] [https://github.com/radareorg/cutter](https://github.com/radareorg/cutter)

[4] [https://www.jamieweb.net/blog/radare2-cutter-part-1-key-term...](https://www.jamieweb.net/blog/radare2-cutter-part-1-key-terminology-and-overview/)

------
ecesena
Lately I read this interesting article on STM flash protection, incredibly
clear, but also rich in low-level details:
[https://www.usenix.org/conference/woot17/workshop-program/pr...](https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier)

