├── .github
    └── FUNDING.yml
└── README.md

/.github/FUNDING.yml:
--------------------------------------------------------------------------------
# These are supported funding model platforms

github: HACKE-RC # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
polar: # Replace with a single Polar username
buy_me_a_coffee: coderrc # Replace with a single Buy Me a Coffee username
custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Reverse Engineering Resources ⚡
Highest quality resources to learn Reverse Engineering from start to end!

[Roadmap](https://wiki.bi0s.in/reversing/roadmap)

# Table of contents
- [Assembly](#assembly)
  * [Linux specific](#linux-specific)
  * [Windows specific](#windows-specific)
  * [Miscellaneous](#miscellaneous)
- [Operating System Internals](#operating-system-internals)
- [Assembly Projects](#assembly-projects)
- [Getting started](#getting-started)
- [Getting your hands dirty](#getting-your-hands-dirty)
- [Deobfuscation](#deobfuscation)
- [Anti-debug and Anti-analysis](#anti-debug-and-anti-analysis)
- [Anti-analysis](#anti-analysis)
- [C++ Reversing](#c-reversing)
- [Great blogs on Windows Internals](#great-blogs-on-windows-internals)
- [Others](#others)
- [Symbolic Execution](#symbolic-execution)

## Assembly
My personal favourite assembly resource is Chapter 3 of the [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu) book, but if you're not into books, you can check the following resources:

### Linux specific

- [Assembly Tutorial](https://asmtutor.com/)
- [Art of Assembly](https://www.plantation-productions.com/Webster/www.artofasm.com/Linux/index.html)

### Windows specific

- [https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html](https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html)
- [Assembly tutorial](https://sonictk.github.io/asm_tutorial/)

### Miscellaneous
- [Learn how CPUs work](https://cpu.land)
- [https://www.felixcloutier.com/x86/index.html](https://www.felixcloutier.com/x86/index.html)
- [https://cs.lmu.edu/~ray/notes/x86assembly/](https://cs.lmu.edu/~ray/notes/x86assembly/)
- [https://godbolt.org](https://godbolt.org/)
- [https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about)

## Assembly Projects

After learning assembly, you can try some projects like making a bootloader or a whole simple Operating System.
I have written a blog on this topic, [here](https://de-engineer.github.io/Understanding-booting-process-and-writing-own-os/).
- [http://brokenthorn.com/Resources/OSDev1.html](http://brokenthorn.com/Resources/OSDev1.html)
- [https://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf](https://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf)
- [https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf](https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf)
- [Learn x86-64 assembly by writing a GUI from scratch](https://gaultier.github.io/blog/x11_x64.html)


## Operating System Internals
If you want to learn OS internals from books, you can read them in this order:
1. The Elements of Computer Science (TECS) & [Nand2Tetris (Lectures)](https://www.coursera.org/learn/build-a-computer)
2. [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu) & [Lectures](https://scs.hosted.panopto.com/Panopto/Pages/Sessions/List.aspx#folderID=%22b96d90ae-9871-4fae-91e2-b1627b43e25e%22)
3. Operating Systems: Three Easy Pieces & [Lectures](https://www.youtube.com/watch?v=DcBa3dBBOtM&list=PLRJWiLCmxyxi2RCPVYfewxJIWJzc_colw)


If you are not into books, you can check the following resources:
- [https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x](https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x)
- [https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh](https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh)
- [https://pages.cs.wisc.edu/~remzi/OSTEP/](https://pages.cs.wisc.edu/~remzi/OSTEP/)
- [Operating Systems Course (Recommended)](https://www.youtube.com/playlist?list=PLunILarQwxnl0SZ2zsgyVjU9NDD_Rn-re)

## Getting started
- [Free crackmes](https://crackmy.app)
- [Roadmap for RE](https://wiki.bi0s.in/reversing/roadmap)
- [COMPSCI 390R - Reverse Engineering & Vulnerability Analysis](https://pwn.umasscybersec.org/lectures/index.html)
- [https://www.begin.re](https://www.begin.re/)
- [https://artik.blue/reversing](https://artik.blue/reversing)
- [https://legend.octopuslabs.io/sample-page.html](https://legend.octopuslabs.io/sample-page.html)
- [https://www.youtube.com/watch?v=mDyQBM-_T1g](https://www.youtube.com/watch?v=mDyQBM-_T1g)
- [https://www.youtube.com/watch?v=gPsYkV7-yJk](https://www.youtube.com/watch?v=gPsYkV7-yJk)
- [https://www.youtube.com/watch?v=d4Pgi5XML8E](https://www.youtube.com/watch?v=d4Pgi5XML8E)
- [https://www.youtube.com/watch?v=9vKG8-TnawY](https://www.youtube.com/watch?v=9vKG8-TnawY) (Recommended)

## Getting your hands dirty

- [https://crackmes.one](https://crackmes.one/)
- [http://reversing.kr/challenge.php](http://reversing.kr/challenge.php)
- [https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme](https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme)
- [https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027](https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027)
- [YouTube playlist on Malware Analysis](https://www.youtube.com/watch?v=n06QSoICU6c&list=PLt9cUwGw6CYG2DSfjXEE3GotkQDa5b-6s)
- [Binary Analysis Free Course](https://maxkersten.nl/binary-analysis-course/)

## Deobfuscation

- [https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques](https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques)
- [https://www.youtube.com/watch?v=bEsQ8UYioU4](https://www.youtube.com/watch?v=bEsQ8UYioU4)
- [https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847](https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847)
- [https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf](https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf)
- [https://www.varonis.com/blog/x64dbg-unpack-malware](https://www.varonis.com/blog/x64dbg-unpack-malware)
- [https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/](https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/)
- [https://www.youtube.com/watch?v=EdchPEHnohw](https://www.youtube.com/watch?v=EdchPEHnohw)
- [https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_](https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_)

## Anti-debug and Anti-analysis

- [https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf](https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf)
- [https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf](https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf)
- [https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf](https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf)
- [https://anti-debug.checkpoint.com/](https://anti-debug.checkpoint.com/)
- [https://www.youtube.com/watch?v=WlE8abc8V-4&feature=emb_title](https://www.youtube.com/watch?v=WlE8abc8V-4&feature=emb_title)

## Anti-analysis

- [https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts](https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts)
- [https://www.oic-cert.org/en/download/Anti-Analysis techniques (OIC Talk).pdf](https://www.oic-cert.org/en/download/Anti-Analysis%20techniques%20(OIC%20Talk).pdf)
- [https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/](https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/)
- [https://www.youtube.com/watch?v=5NO-W3SVjak&feature=emb_title](https://www.youtube.com/watch?v=5NO-W3SVjak&feature=emb_title)

## C++ Reversing
- [Reversing C++ Virtual Functions](https://alschwalm.com/blog/static/2016/12/17/reversing-c-virtual-functions/)
- [Reversing C++](https://www.blackhat.com/presentations/bh-dc-07/Sabanal_Yason/Paper/bh-dc-07-Sabanal_Yason-WP.pdf)

## Windows Research

If you want to get into Windows Research, then you need to learn Windows Internals.

- [My blog on Windows Internals](https://de-engineer.github.io)
- [Book on Windows Internals published by MS. Use it like a reference to learn about specific topics when needed](https://learn.microsoft.com/en-us/sysinternals/resources/windows-internals)
- [Has the best video courses](https://www.pluralsight.com/authors/pavel-yosifovich)
- [Windows Process Internals](https://www.youtube.com/watch?v=4AkzIbmI3q4&feature=emb_title)
- [Windows Internals Overview](https://samsclass.info/140/lec/Excerpted-PRE07_Solomon.pdf)
- [Intro to Windows Internals](https://vimeo.com/49347561)
- [Win32 programming with code examples](https://installsetupconfig.com/win32programming)
- [Notes for Windows API programming](https://caiorss.github.io/C-Cpp-Notes/WindowsAPI-cpp.html)
- [Windows undocumented functions documentation](http://undoc.airesoft.co.uk)
- [Windows undocumented stuff's documentation](https://geoffchappell.com/index.htm)
- [Windows Internals Book 7th edition Tools](https://github.com/zodiacon/windowsinternals)
- [Full source code of ReactOS (open-source reimplementation of Windows)](https://doxygen.reactos.org/index.html)
- [Explanation of key data structures used by device drivers, kernel, and HAL](https://codemachine.com/articles/kernel_structures.html)
- [Take a look at more than 6000 Windows Undocumented structures](https://www.vergiliusproject.com/)
- [Resources For Advanced Windows Development](https://pastebin.com/NXxrYHp8)
- [Understanding the EPROCESS data structure](https://info-savvy.com/understanding-eprocess-structure/)
- [The NT Handle Table](https://www.cs.miami.edu/home/burt/journal/NT/handle_table.html)
- [Anatomy of the thread suspension mechanism in Windows.](https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/)
- [Automatically generated diff of Windows structures](http://terminus.rewolf.pl/terminus/)
- [Thread Scheduling Windows](https://www.i.u-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/03-ThreadScheduling/ThreadScheduling.pdf)
- [Kernel Callback Functions](https://codemachine.com/articles/kernel_callback_functions.html)
- [Decompilation of NT API functions](http://likeagod.revers.engineering)

## Great blogs on Windows Internals

- [https://secret.club](https://secret.club/)
- [wumb0.in](https://t.co/TQttGxnkVF)
- [voidsec.com](https://t.co/Rz220SAwbt)
- [https://poppopret.blogspot.com/?m=1](https://poppopret.blogspot.com/?m=1)
- [https://www.ragestorm.net/blogs/?cat=13](https://www.ragestorm.net/blogs/?cat=13)
- [https://www.x86matthew.com](https://www.x86matthew.com/)
- [https://www.tiraniddo.dev](https://www.tiraniddo.dev/)
- [https://googleprojectzero.blogspot.com](https://googleprojectzero.blogspot.com/)

## Others
- [GuidedHacking](https://guidedhacking.com)
- [Compiler Optimizations for Reverse Engineers.](https://www.msreverseengineering.com/blog/2014/6/23/compiler-optimizations-for-reverse-engineers)
- [Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64.](https://versprite.com/blog/security-research/reverse-engineering-undocumented-structures/)
- [Methodology for Static Reverse Engineering of Windows Kernel Drivers.](https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83)
- [What I Have Learned from Reverse Engineering Windows Containers.](https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/)
- [A Syscall Journey in the Windows Kernel.](https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/)
- [Reversing with HyperDbg (Dbg3301) - OpenSecurityTraining](https://www.youtube.com/playlist?list=PLUFkSN0XLZ-kF1f143wlw8ujlH2A45nZY)

## Symbolic Execution
- [Introduction to SMT Solvers - an overview of z3](https://de-engineer.github.io/SMT-Solvers/)
- [Video lecture on Symbolic Execution by MIT](https://www.youtube.com/watch?v=yRVZPvHYHzw)
- [Video lectures on Symbolic Execution](https://pwn.umasscybersec.org/lectures/index.html)
- [YouTube video covering the basics of z3](https://www.youtube.com/watch?v=kZd1Hi0ZBYc)
- [Learn z3](https://github.com/ViRb3/z3-python-ctf)
- [Course on Symbolic Analysis](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+RE3201_symexec+2021_V1/course)
- https://sat-smt.codes/SAT_SMT_by_example.pdf

--------------------------------------------------------------------------------