Reverse Engineering - All-In-One

[Work still in progress]

Depending on whether you are working with a Windows or Linux binary, simply choose the folder for the operating system you are dealing with. What you'll typically find about the resources in my repositories is that they are categorized and organized by relevance and skill level. Enjoy!

Table of Contents

Best Books

| # | Title | Description | Skill Level |
|---|-------|-------------|-------------|
| 1 | Hacking, The Art of Exploitation | Best book for absolute newbies. Takes you step by step through the fundamentals. | Beginner |
| 2 | Practical Reverse Engineering | Information is very well organized. Tons of code examples. | Beginner |
| 3 | Reversing, Secrets of Reverse Engineering | Once you've mastered the basics, this book will help take you to the next level. | Intermediate |

Best Video Tutorials

| # | Title | Description | Skill Level |
|---|-------|-------------|-------------|
| 1 | Reverse Engineering Basics | Start here if you know nothing. Take plenty of notes. | Beginner |

Best Challenges

| # | Title | Description | Skill Level |
|---|-------|-------------|-------------|
| 1 | Protostar Challenges | Watch the challenge walkthroughs created by Live Overflow. | Beginner |
| 2 | PicoCTF | Various CTFs designed by Google, including reverse engineering challenges. Follow the challenge walkthroughs by John Hammond. | Beginner |

List of Memory Bugs

| Bug | Description |
|-----|-------------|
| Buffer Overflow | Writing past the bounds of a buffer. For example, writing to a buffer without a null byte (\x00) appended at the end, so the program doesn't know when to stop writing user input to memory. |
| Dangling Pointers | When a pointer points to an area of memory that has already been freed. Also known as Use-After-Free. |
| Off-By-One Error | Found in loops that append data to a buffer. Not checking the last iteration of the loop can overwrite the least significant byte of the function's base pointer. |
| Race Condition | Occurs when threads are in use: two or more threads can access shared data and try to change it at the same time. |
| Format String Attack | When a function like printf() is used to print input from a user and a format string is not specified. |
| Integer Overflow | Integers have a maximum value in memory. A signed int can only go as high as 2,147,483,647, for example. Math that goes beyond that limit can overflow the integer, resulting in unexpected behavior. |
| Weak Encryption | Using weak pseudo-random seeds, for example using time() to provide a cryptographic seed for encryption or for the rand() function. |
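The hardened counterpart of four of the bugs in the list above (buffer overflow, off-by-one, integer overflow and format string), as an added example that is not part of this repository. Each function returns a status instead of writing past its buffer or computing an out-of-range value, and `run_checks()` exercises them on constructed inputs; the buffer size, the sample strings and the function names are all assumptions made for the example.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Bounded copy: returns -1 instead of writing past dst when src (plus its NUL)
 * does not fit. The buggy form it replaces is strcpy(dst, src), which trusts
 * the length of whatever the user supplied. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst_size == 0 || len >= dst_size)
        return -1;                      /* no room for len bytes plus the terminator */
    memcpy(dst, src, len + 1);          /* copies the NUL too, so dst is a valid string */
    return 0;
}

/* Append loop with the last iteration accounted for: writes count bytes and the
 * NUL only when count + 1 bytes fit. The off-by-one form is `i <= count`, which
 * writes one byte beyond the end of buf. */
int fill_terminated(char *buf, size_t buf_size, size_t count, char c)
{
    if (count >= buf_size)
        return -1;
    for (size_t i = 0; i < count; i++)
        buf[i] = c;
    buf[count] = '\0';
    return 0;
}

/* Signed overflow is undefined behaviour in C, so the check has to be made
 * before the addition happens. Returns 1 if a + b would leave the int range. */
int add_would_overflow(int a, int b)
{
    if (b > 0)
        return a > INT_MAX - b;
    if (b < 0)
        return a < INT_MIN - b;
    return 0;
}

/* Format-string safe: user data is passed as an argument to a fixed format,
 * never used as the format itself (snprintf(out, n, user) is the bug). */
int format_user(char *out, size_t out_size, const char *user)
{
    return snprintf(out, out_size, "%s", user);
}

/* Exercises each defence on constructed inputs and returns how many behaved
 * correctly (7 when all do). Used by main() below and by external checks. */
int run_checks(void)
{
    char small[8];
    int passed = 0;

    if (copy_bounded(small, sizeof small, "AAAAAAAAAAAAAAAA") == -1)   /* 16 bytes into 8: rejected */
        passed++;
    if (copy_bounded(small, sizeof small, "hello") == 0 && strcmp(small, "hello") == 0)
        passed++;
    if (fill_terminated(small, sizeof small, 8, 'x') == -1)            /* would need 9 bytes */
        passed++;
    if (fill_terminated(small, sizeof small, 7, 'x') == 0 && strlen(small) == 7)
        passed++;
    if (add_would_overflow(INT_MAX, 1) == 1)
        passed++;
    if (add_would_overflow(INT_MAX - 1, 1) == 0)
        passed++;
    format_user(small, sizeof small, "%x%x");
    if (strcmp(small, "%x%x") == 0)                                    /* directives stayed literal */
        passed++;
    return passed;
}

int main(void)
{
    printf("%d of 7 defences behaved correctly\n", run_checks());
    return 0;
}
```

The overflow check is done on the operands before adding because once a signed addition has overflowed the result is undefined and a check after the fact may be optimized away; the same "check the bound before the write" shape applies to the two copy functions.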

The Reverse Engineering Cheatsheet

Memorizing is never fun, and if you're like me, you'll work on other projects for months before needing to come back to debug a piece of software, only to find out that you've lost your mojo. Here are a few refreshers if you need them.

Programming Concepts

| Subject | Description |
|---------|-------------|
| Arrays | Arrays and buffers are the same thing. They point to adjacent data located in memory and end with a NULL byte (\x00). |
| Pointers | Pointers have types, just like variables. Pointers are used to store the location of data in memory. |
| Strings | Strings are pointers to character arrays. A string points to the beginning of an array/buffer in memory to be read by a function like scanf(). |
| Typecasting | C/C++ is a strongly typed language. You need to use typecasting to change the type of a variable or pointer, regardless of how the type was originally defined. |
| Vectors | Vectors are similar to arrays except that they are used to store object references instead of values of primitive data types. |
| File Descriptors | A number that is used to reference an open file. |
| Streams | The interface we use for reading and writing data to files, sockets, stdout, etc. |
| Structs (C) | Structs in C are variables that contain multiple other variables. |
| Classes | Class is short for classify. A class is a blueprint for creating objects during runtime. Objects are dynamic and only spawn during runtime. Classes and Object Oriented Programming (OOP) were added in C++. |
| Structs (C++) | Structs in C++ are the same as classes except that their members are public by default. |
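How arrays, pointers, strings and structs from the table above actually sit in memory, as an added example that is not part of this repository: a struct's field offsets (including compiler padding), the stride a typed pointer moves by, the terminator check that makes a char array a string, and reading a struct out of raw bytes the way a file or packet parser does. The `struct record` layout, the field names and the 16 sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A record with its fields in declaration order. The compiler inserts padding
 * so each field starts on its natural alignment, which is why the offsets
 * below are not simply the running sum of the field sizes. */
struct record {
    uint8_t  kind;      /* offset 0 */
    uint32_t id;        /* offset 4 on the usual ABIs: 3 padding bytes come first */
    char     name[8];   /* offset 8; a string only if a NUL lies inside it */
};

/* Field offsets are taken from offsetof, not counted by hand. */
size_t record_offset(char field)
{
    switch (field) {
    case 'k': return offsetof(struct record, kind);
    case 'i': return offsetof(struct record, id);
    case 'n': return offsetof(struct record, name);
    default:  return (size_t)-1;
    }
}

/* An array name decays to a pointer to its first element, and the pointer's
 * type decides how far `p + 1` moves: 4 bytes for uint32_t, 1 for char. */
size_t element_stride(int use_uint32)
{
    uint32_t words[2];
    char bytes[2];
    if (use_uint32)
        return (size_t)((char *)&words[1] - (char *)&words[0]);
    return (size_t)(&bytes[1] - &bytes[0]);
}

/* A char array is a string only if a NUL terminator is present inside it;
 * otherwise strlen() and friends keep reading past the end. */
int has_terminator(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* Reading a struct out of raw bytes (what a file or packet parser does).
 * memcpy is used instead of casting the byte pointer to `struct record *`,
 * which would assume the bytes are suitably aligned. */
int record_from_raw(struct record *out, const unsigned char *raw, size_t raw_len)
{
    if (raw_len < sizeof *out)
        return -1;                     /* refuse rather than read past the input */
    memcpy(out, raw, sizeof *out);
    return 0;
}

/* Constructed sample: 16 bytes laid out as a struct record would be in memory. */
static const unsigned char sample_raw[16] = {
    0x02, 0x00, 0x00, 0x00,             /* kind = 2, then padding */
    0x39, 0x05, 0x00, 0x00,             /* id bytes (host order, not decoded here) */
    'b', 'o', 'o', 't', 0x00, 0x00, 0x00, 0x00   /* name = "boot", terminated */
};

/* Decodes the first raw_len bytes of the sample and returns its kind
 * (0xFF when the input is too short to hold a record). */
unsigned sample_kind(size_t raw_len)
{
    struct record r;
    if (record_from_raw(&r, sample_raw, raw_len) != 0)
        return 0xFF;
    return r.kind;
}

/* 1 if the sample's name field is a proper NUL-terminated string. */
int sample_name_is_string(void)
{
    struct record r;
    record_from_raw(&r, sample_raw, sizeof sample_raw);
    return has_terminator(r.name, sizeof r.name);
}

int main(void)
{
    printf("sizeof(struct record) = %zu; id at offset %zu; name at %zu\n",
           sizeof(struct record), record_offset('i'), record_offset('n'));
    printf("sample kind = %u, name terminated = %d\n",
           sample_kind(sizeof sample_raw), sample_name_is_string());
    return 0;
}
```

When recovering a structure from a disassembly, the padding is the usual surprise: the `id` field lands at offset 4, not 1, so a field-by-field size count gives the wrong offsets. The length check in `record_from_raw` is the same discipline as a bounded copy, applied to reads instead of writes.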

Primitive Data Types

| Subject | Description | Byte Size |
|---------|-------------|-----------|
| Signed Int | Stores a whole number. Numbers in C are signed by default, meaning they can be either positive or negative. 32-bit signed integers max out at 2,147,483,647. | 4 |
| Unsigned Int | Stores a whole number. Unsigned numbers can only be positive. This means there is no two's complement and the least significant bit is not reserved. 32-bit unsigned integers max out at 4,294,967,295. | 4 |
| Long | Stores a whole number. A long is double the memory size of an int, 8 bytes on 32-bit machines. Used when an int isn't big enough to store a value. | 8 |
| Short | Stores a whole number. A short is half the size of an int: 2 bytes on 32-bit machines, or simply 16 bits in size. | 2 |
| Float | Stores numbers with decimal points. 4 bytes in size on 32-bit machines. Used for values with 6 to 7 decimal digits. | 4 |
| Double | Stores numbers with decimal points. 8 bytes in size on 32-bit machines. Used for values with up to 15 decimal digits. | 8 |
| Char | 2 bytes in size. Chars are used to hold letters such as ASCII values. Strings are considered char arrays. | 2 |
| Boolean | Either true or false. 1 bit in size. | 1 bit |


| Subject | Description |
|---------|-------------|
| Big Endian | Bytes in their normal order ("most significant byte first"): 0x12345678 = \x12\x34\x56\x78 |
| Little Endian | Bytes in their reverse order ("least significant byte first"): 0x12345678 = \x78\x56\x34\x12 |
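An added example, not part of this repository, that checks the two tables above against the machine it runs on: it reports the width the compiler actually uses for each primitive type (the standard fixes only `sizeof(char) == 1` and the ordering short <= int <= long <= long long, so widths are something to verify, not assume), shows where two's complement keeps the sign of a signed int, detects the host's byte order, and decodes the 0x12345678 byte sequence from the endianness table both ways. The four sample bytes and the function names are constructed for the example; `bits_of_int` assumes a 32-bit int.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte width of a primitive type on this compiler and ABI. The only widths the
 * C standard fixes are sizeof(char) == 1 and short <= int <= long <= long long;
 * everything else has to be checked on the target, not assumed. */
size_t type_size(char which)
{
    switch (which) {
    case 'c': return sizeof(char);
    case 's': return sizeof(short);
    case 'i': return sizeof(int);
    case 'l': return sizeof(long);
    case 'q': return sizeof(long long);
    case 'f': return sizeof(float);
    case 'd': return sizeof(double);
    case 'p': return sizeof(void *);
    default:  return 0;
    }
}

/* Bit pattern of a signed int. Converting a negative int to uint32_t is
 * defined as adding 2^32, which yields exactly its two's-complement encoding
 * (assumes a 32-bit int, as on every mainstream desktop and server ABI). */
uint32_t bits_of_int(int v)
{
    return (uint32_t)v;
}

/* 1 if the sign bit (the most significant bit of a two's-complement int) is set. */
int sign_bit_set(int v)
{
    return (bits_of_int(v) >> 31) & 1u;
}

/* 1 if this machine stores the least significant byte at the lowest address. */
int is_little_endian(void)
{
    uint32_t probe = 0x01020304u;
    unsigned char first;
    memcpy(&first, &probe, 1);
    return first == 0x04;
}

/* Byte i of v as it sits in memory on this machine (i = 0 is the lowest address). */
unsigned char byte_in_memory(uint32_t v, unsigned i)
{
    unsigned char raw[sizeof v];
    memcpy(raw, &v, sizeof v);
    return raw[i % sizeof v];
}

/* Decoding a 32-bit value from bytes whose order is fixed by a file or wire
 * format, independent of host endianness. A binary parser should always do
 * this explicitly instead of casting the byte pointer to uint32_t *. */
uint32_t read_u32_le(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

uint32_t read_u32_be(const unsigned char *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | (uint32_t)p[3];
}

/* Constructed sample: the four bytes 78 56 34 12 as they would appear in a
 * little-endian file holding 0x12345678. Decoded both ways for comparison. */
uint32_t decode_sample(int as_little_endian)
{
    static const unsigned char sample[4] = { 0x78, 0x56, 0x34, 0x12 };
    return as_little_endian ? read_u32_le(sample) : read_u32_be(sample);
}

int main(void)
{
    printf("char %zu, short %zu, int %zu, long %zu, long long %zu, float %zu, double %zu, pointer %zu\n",
           type_size('c'), type_size('s'), type_size('i'), type_size('l'),
           type_size('q'), type_size('f'), type_size('d'), type_size('p'));
    printf("INT_MAX bits %08x, INT_MIN bits %08x, -1 bits %08x\n",
           bits_of_int(INT_MAX), bits_of_int(INT_MIN), bits_of_int(-1));
    printf("host is %s endian; first byte of 0x12345678 in memory is %02x\n",
           is_little_endian() ? "little" : "big", byte_in_memory(0x12345678u, 0));
    printf("sample decoded LE %08x, BE %08x\n", decode_sample(1), decode_sample(0));
    return 0;
}
```

Running it on a 32-bit and a 64-bit build of the same program is the quickest way to see which widths in the table depend on the ABI (`long` and pointers are the usual ones), and the `INT_MAX` to `INT_MIN` line shows the overflow from the memory-bugs list as a single flip of the top bit.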