This post is for those who don't know what reverse engineering means.
I am not going to discuss anything technical such as a particular disassembly tool or debugger; I will just try to tell the young audience what reversing is.
Reverse engineering, as the name specifies, is something like starting from the very end and then finishing at the very start.
Does this sound confusing?
Let me explain using a better example: it is the process of recovering code from some binary.
As there are a lot of closed-source binaries available in the market, and some of them are malicious too, here we feel the need to reverse some particular binary.
Consider the example of some malware: we have no code for it, and we need to study how the malware works to know its internal features and what kind of things it is doing to my machine. In that case we have to cut the malware into 2 halves 😉 (Kidding)
We have to reverse that malware.
So there are mostly two kinds of ways by which we do this:
1) Dynamic analysis
Dynamic analysis is analysis of the sample using some debugger or other tools while it is executing on the system. If we are not sure about the sample, then it is better to use a VM for this, as that is going to keep you protected and not ruin the data on your machine.
2) Static analysis
Static analysis is about simply reversing the sample without executing it and then analysing the code.
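To make the static side concrete, here is an added example (my own code, not from the original post or any tool it mentions) of the very first static-analysis steps an analyst performs on an unknown sample without running it: identify the file format from its magic bytes, hash it so it can be looked up or shared, and pull out embedded printable strings (what the `strings` utility does). The input is a constructed byte blob with an ELF header and a few planted strings, so the script runs offline; nothing in it executes the sample.

```python
import hashlib
import re

# Constructed sample: not a real program, just a byte blob that starts with the
# ELF magic number and carries a few embedded strings so the script can run offline.
SAMPLE = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"\x01\x02\x03"
    + b"/bin/sh\x00"
    + b"\xff\xfe"
    + b"http://example.invalid/update\x00"
    + b"ab\x00"  # too short to count as a string
    + b"GetProcAddress\x00"
)

# Leading bytes that identify common executable containers.
MAGIC = {
    b"\x7fELF": "ELF",
    b"MZ": "PE/DOS",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
    b"\xca\xfe\xba\xbe": "Mach-O universal / Java class",
}


def file_type(data: bytes) -> str:
    """Identify the container format from the leading magic bytes."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"


def sha256_hex(data: bytes) -> str:
    """Content hash used to look the sample up or share it with other analysts."""
    return hashlib.sha256(data).hexdigest()


def extract_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Return runs of printable ASCII at least min_len bytes long (like `strings`)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]


def triage(data: bytes) -> dict:
    """Static triage report: nothing in here executes the sample."""
    strings = extract_strings(data)
    return {
        "type": file_type(data),
        "sha256": sha256_hex(data),
        "size": len(data),
        "strings": strings,
        # URLs embedded in a binary are worth checking before dynamic analysis.
        "urls": [s for s in strings if s.startswith(("http://", "https://"))],
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    print(f"type    : {report['type']}")
    print(f"sha256  : {report['sha256']}")
    print(f"size    : {report['size']} bytes")
    print(f"strings : {report['strings']}")
    print(f"urls    : {report['urls']}")
```

Strings and hashes come straight from the file on disk, which is why this step is static: it tells you what the sample is and what it might talk to before you decide whether it is worth attaching a debugger to it in a VM.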
Now here comes the assembly part. As I have already taught the basics of assembly in my previous tutorial, this is going to be fun now, as it won't look like some MATRIX stuff 🙂
When you attach a running process to a debugger or a decompiler, it is not able to give you the native code (the original source code in which the sample is written); it analyses the process and dumps the assembly, and for that we should know assembly and other things.
In the next tutorials we are going to need OllyDbg, as we will start with a simple, non-malicious crackme file and carry forward from there; as things proceed I will try to train you from Noob to PRO 🙂
Ask any question in the comments or mail me.
Do tell me if you find something which is wrong.
Thanks for reading.