Welcome to the comprehensive roadmap for mastering reverse engineering and malware analysis. This roadmap is designed to guide individuals from beginner to expert level in the field of reverse engineering and malware analysis.
- Reverse Engineering For Everyone!
- Malware Analysis Virtual Machine – by OALabs
- Creating a Simple Free Malware Analysis Environment – by MalwareTech
- Reversing with Lena151 – learn OllyDbg (old, but still very useful)
- REVERSING WITH IDA PRO FROM SCRATCH
- Introduction to Windbg and debugging windows
- MalwareBreakdown
- Malware Traffic Analysis
- VX Underground
- Malshare
- VirusShare
- Abuse.ch
- TheZoo
- VirusBay
- Beginner Malware Reversing Challenges (by Malware Tech)
- solve the Malwarebytes CrackMe: a step-by-step tutorial
- MalwareTech Windows Reversing Challenge #1 Write-Ups
- MalwareTech Windows Reversing Challenge #2 Write-Ups
- MalwareTech Windows Reversing Challenge #3 Write-Ups
- Crackmes.one – various crackmes to help you exercise reversing
- "Nightmare" – a reverse engineering course created around CTF tasks
- FlareOn Challenge writeups
- Video 1 and Video 2 for x86 assembly introduction
- Free course on assembly for other platforms
- Intel official manual on assembly language
- An In-Depth Look Into The Win32 Portable Executable File Format
- An In-Depth Look into the Win32 Portable Executable File Format
- Peering Inside the PE: A Tour of the Win32 Portable Executable File Format
- PE101 and PE102 by Ange Albertini
- C/C++, Python, and Assembly
- MalwareTech's article on programming for malware analysis
- Recommended learning resources:
- Windows System Programming book
- some ways...
- manual unpacking
- Workshop: VM-based Obfuscation Analysis
- Discussion on reverse engineering virtualization
- VMProtect 2 – Detailed Analysis of the Virtual Machine Architecture
- VMProtect 2 – Part Two, Complete Static Analysis
- SpeakEasy: a writeup solving a challenge from UIUCTF 2021
- Tickling VMProtect with LLVM
- Cracking programs with custom virtualization-based protectors
- A walk-through various techniques (by Endgame)
- Ready-made demos of various code injection techniques (source code)
- Review of various injection techniques (BlackHat 2019) Video - PDF
- Author's PE injection demos (source code)
- "Inline Hooking for programmers" (by MalwareTech) - Part 1 and Part 2
- Windows API Hooking (article in Red Teaming Experiments)
- Simple userland rootkit - a case study
- Starting with Windows Kernel Exploitation - setting up the lab
- Windows Kernel Programming book
- Brief introduction to driver analysis methods by Matt Hand
- Additional guidance on driver reversing from VoidSec
- Rootkit analysis tutorial
- Kernel-mode rootkit techniques:
- Reversing: Secrets of Reverse Engineering Paperback – Illustrated, 1 April 2005
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation 1st Edition
- Mytechnotalent's Reverse Engineering Repository
- Octopus Labs
- Open Security Training
- Practical Malware Analysis learning materials
- Malware Analysis course (University of Cincinnati)
- Red/purple teaming: a malware development course by 0xPat
- Building C2 implants in C++
- Hasherezade's malware training repository
- Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software
- The Art of Computer Virus Research and Defense – Peter Szor
- "The "Ultimate"Anti-Debugging Reference" – by Peter Ferrie
- Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
- Hacker Disassembling Uncovered – by Kris Kaspersky
- The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
- Rootkits and Bootkits – by Alex Matrosov, Eugene Rodionov, and Sergey Bratus
- Windows System Programming (4th edition) – by Johnson M. Hart
- Gray Hat Python
- Stay curious and eager to learn
- Practice, practice, practice
- Engage with the community
- Contribute and share your knowledge
- Stay up-to-date with the latest trends and techniques
- Develop strong programming skills in languages like C/C++, Python, and Assembly
- Embrace failure as a learning opportunity
- Maintain a safe and controlled environment for your analysis
- Respect intellectual property and adhere to ethical guidelines
- Contribute to the community through research, blog posts, or open source projects
- Stay active and engaged in the field by attending conferences and participating in CTFs
- Build a solid online presence by sharing your work and insights on platforms like GitHub and Twitter
- Network with industry professionals and join relevant communities and forums
- Continuously update your skills and knowledge through self-study and formal training programs
This comprehensive roadmap provides a step-by-step guide for mastering reverse engineering and malware analysis. By following the suggested resources and engaging in practical exercises, you can build a strong foundation, develop advanced skills, and position yourself for a successful career in this field. Remember to stay motivated, curious, and always eager to learn. Good luck on your reverse engineering and malware analysis journey!
- MalwareTech
- Hasherezade's Blog
- Malwarebytes Labs
- FireEye Threat Research Blog
- Talos Intelligence Blog
- Securelist by Kaspersky
- The Malware Analyst's Cookbook
- 0xec
- Malwarebytes Unpacked
- SANS Internet Storm Center
- MalwareMustDie
- ReversingLabs
- MalwareTips
- Reverse Engineering Stack Exchange
- KernelMode.info
- Wilders Security Forums
- Malware Analysis Forums on Reddit
- VirusTotal Community
- IDA Pro
- Ghidra
- x64dbg
- OllyDbg
- Immunity Debugger
- Wireshark
- Cuckoo Sandbox
- PEStudio
- Volatility
- Sysinternals Suite
- YARA
- Capstone
- Radare2
- Binary Ninja
- Metasploit Framework
A big thank you to all the researchers, authors, and contributors who have shared their knowledge and resources in the field of reverse engineering and malware analysis. This roadmap wouldn't have been possible without their valuable contributions.
Contributions are welcome! If you have any suggestions, resources, or improvements to this roadmap, please feel free to open an issue or submit a pull request.
Are you ready to dive into the depths of cybersecurity, reverse engineering, and advanced threat analysis? Look no further than OrcaCyberWeapons, your gateway to the world of cutting-edge security research and exploration.
What We Offer:
- Advanced Cybersecurity Insights: Delve into the latest trends, techniques, and strategies employed by cyber adversaries, shedding light on the vast world of malware, exploits, APTs, and cybercrime across all platforms.
- Reverse Engineering Expertise: Uncover the inner workings of sophisticated malware, dissect exploit techniques, and explore the art of reverse engineering with our community of seasoned professionals and enthusiasts.
- Malware Development and Analysis: Gain valuable insights into the creation, analysis, and mitigation of malware, understanding its behavior, impact, and countermeasures.
- APT Techniques and Defense Strategies: Explore the realm of advanced persistent threats (APTs), dissect their tactics, and fortify your defenses against sophisticated cyber adversaries.
Whether you're a seasoned cybersecurity professional, an aspiring ethical hacker, or a curious enthusiast, OrcaCyberWeapons provides a platform for in-depth discussions, practical insights, and collaborative exploration of the ever-evolving cybersecurity landscape.
Join us on Telegram and embark on a journey of discovery, knowledge sharing, and continuous learning in the realm of cybersecurity and beyond.