├── .editorconfig
├── .gitattributes
├── .travis.yml
├── README.md
└── package.json


/.editorconfig:
--------------------------------------------------------------------------------
 1 | root = true
 2 | 
 3 | [*]
 4 | indent_style = spaces
 5 | indent_size = 2
 6 | end_of_line = lf
 7 | charset = utf-8
 8 | trim_trailing_whitespace = true
 9 | insert_final_newline = true
10 | 


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | * text=auto
2 | readme.md merge=union
3 | 


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
 1 | sudo: false
 2 | 
 3 | language: node_js
 4 | 
 5 | node_js:
 6 |   - 8
 7 | 
 8 | cache:
 9 |   directories:
10 |     - node_modules
11 | 
12 | install:
13 |   - yarn install
14 | 
15 | script:
16 |   - yarn test
17 | 
18 | notifications:
19 |   email:
20 |     on_success: never
21 |     on_failure: change
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | ## Reverse Engineering resources  
  2 | [![Awesome](https://2.bp.blogspot.com/-nz0jFFFA4Hc/WHubiaz8ecI/AAAAAAAAB08/g2erX6roVBYCfwWjIGUOBYMkcB7ghRL2wCLcB/s1600/reverse%2Bengineering.png)](http://kalitut.com)
  3 | A curated list of awesome reversing resources   
  4 | 
  5 | - [Awesome Reversing](#awesome-reversing)
  6 |     - [Books](#books)
  7 |     - [Courses](#courses)
  8 |     - [Practice](#practice)
  9 |     - [Hex Editors](#hex-editors)
 10 |     - [Binary Format](#binary-format)
 11 |     - [Disassemblers](#disassemblers)
 12 |     - [Binary Analysis](#binary-analysis)
 13 |     - [Bytecode Analysis](#bytecode-analysis)
 14 |     - [Import Reconstruction](#import-reconstruction)
 15 |     - [Dynamic Analysis](#dynamic-analysis)
 16 |     - [Debugging](#debugging)
 17 |     - [Mac Decrypt](#mac-decrypt)
 18 |     - [Document Analysis](#document-analysis)
 19 |     - [Scripting](#scripting)
 20 |     - [Android](#android)
 21 |     - [Yara](#yara)
 22 | 
 23 | - - -
 24 | 
 25 | ## Books
 26 | 
 27 | *Reverse Engineering Books*
 28 | 
 29 | * [The IDA Pro Book](http://amzn.to/2jTicOg)
 30 | * [Radare2 Book](https://www.gitbook.com/book/radare/radare2book/details)
 31 | * [Reverse Engineering for Beginners](http://beginners.re/)
 32 | * [The Art of Assembly Language](http://amzn.to/2jlxTNp)
 33 | * [Practical Reverse Engineering](http://amzn.to/2iusXRW)
 34 | * [Reversing: Secrets of Reverse Engineering](http://amzn.to/2jlnBwX)
 35 | * [Practical Malware Analysis](http://amzn.to/2jljYqE)
 36 | * [Malware Analyst's Cookbook](http://amzn.to/2iWPJDd)
 37 | * [Gray Hat Hacking](http://amzn.to/2jllIAi)
 38 | * [Access Denied](https://github.com/shaykhsiddique/academic-/blob/master/CSE107/Access%20Denied.pdf)
 39 | * [The Art of Memory Forensics](http://amzn.to/2jMJQs0)
 40 | * [Hacking: The Art of Exploitation](http://amzn.to/2jnkV19)
 41 | * [Fuzzing for Software Security](http://amzn.to/2jMKCWc)
 42 | * [Art of Software Security Assessment](http://amzn.to/2jlvtyt)
 43 | * [The Antivirus Hacker's Handbook](http://amzn.to/2jn9G99)
 44 | * [The Rootkit Arsenal](http://amzn.to/2jlgioK)
 45 | * [Windows Internals Part 1](http://amzn.to/2jlo9mA) [Part 2](http://amzn.to/2jMLCth)
 46 | * [Inside Windows Debugging](http://amzn.to/2iqFTxf)
 47 | * [iOS Reverse Engineering](https://github.com/iosre/iOSAppReverseEngineering)
 48 | 
 49 | ## Courses
 50 | 
 51 | *Reverse Engineering Courses*
 52 | 
 53 | * [Lenas Reversing for Newbies](https://tuts4you.com/download.php?list.17)
 54 | * [Open Security Training](http://opensecuritytraining.info/Training.html)
 55 | * [Dr. Fu's Malware Analysis](http://fumalwareanalysis.blogspot.sg/p/malware-analysis-tutorials-reverse.html)
 56 | * [Binary Auditing Course](http://www.binary-auditing.com/)
 57 | * [TiGa's Video Tutorials](http://www.woodmann.com/TiGa/)
 58 | * [Legend of Random](https://tuts4you.com/download.php?list.97)
 59 | * [Modern Binary Exploitation](http://security.cs.rpi.edu/courses/binexp-spring2015/)
 60 | * [RPISEC Malware Course](https://github.com/RPISEC/Malware)
 61 | * [SANS FOR 610 GREM](https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques/Type/asc/all)
 62 | * [REcon Training](https://recon.cx/2015/training.html)
 63 | * [Blackhat Training](https://www.blackhat.com/us-16/training/)
 64 | * [Offensive Security](https://www.offensive-security.com/information-security-training/)
 65 | * [Corelan Training](https://www.corelan.be/index.php/articles/#cat_exploit-writing-tutorials)
 66 | * [Offensive and Defensive Android Reversing](https://github.com/rednaga/training/raw/master/DEFCON23/O%26D%20-%20Android%20Reverse%20Engineering.pdf)
 67 | 
 68 | ## Practice
 69 | 
 70 | *Practice Reverse Engineering.  Be careful with malware.*
 71 | 
 72 | * [Crackmes.de](http://www.crackmes.de/)
 73 | * [OSX Crackmes](https://reverse.put.as/crackmes/)
 74 | * [ESET Challenges](http://www.joineset.com/jobs-analyst.html)
 75 | * [Flare-on Challenges](http://flare-on.com/)
 76 | * [Github CTF Archives](http://github.com/ctfs/)
 77 | * [Reverse Engineering Challenges](http://challenges.re/)
 78 | * [xorpd Advanced Assembly Exercises](http://www.xorpd.net/pages/xchg_rax/snip_00.html)
 79 | * [Virusshare.com](http://virusshare.com/)
 80 | * [Contagio](http://contagiodump.blogspot.com/)
 81 | * [Malware-Traffic-Analysis](https://malware-traffic-analysis.com/)
 82 | * [Malshare](http://malshare.com/)
 83 | * [Malware Blacklist](http://www.malwareblacklist.com/showMDL.php)
 84 | * [malwr.com](https://malwr.com/)
 85 | * [vxvault](http://vxvault.net/)
 86 | 
 87 | ## Hex Editors
 88 | 
 89 | *Hex Editors*
 90 | 
 91 | * [HxD](https://mh-nexus.de/en/hxd/)
 92 | * [010 Editor](http://www.sweetscape.com/010editor/)
 93 | * [Hex Workshop](http://www.hexworkshop.com/)
 94 | * [HexFiend](http://ridiculousfish.com/hexfiend/)
 95 | * [Hiew](http://www.hiew.ru/)
 96 | * [hecate](https://github.com/evanmiller/hecate)
 97 | 
 98 | ## Binary Format
 99 | 
100 | *Binary Format Tools*
101 | 
102 | * [CFF Explorer](http://www.ntcore.com/exsuite.php)
103 | * [Cerbero Profiler](http://cerbero.io/profiler/) // [Lite PE Insider](http://cerbero.io/peinsider/)
104 | * [Detect It Easy](http://ntinfo.biz/)
105 | * [PeStudio](http://www.winitor.com/)
106 | * [PEiD](https://tuts4you.com/download.php?view.398)
107 | * [MachoView](https://github.com/gdbinit/MachOView)
108 | * [nm](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nm.1.html) - View Symbols
109 | * [file](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/file.1.html) - File information
110 | * [codesign](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/codesign.1.html) - Code signing information usage: codesign -dvvv filename
111 | 
112 | ## Disassemblers
113 | 
114 | *Disassemblers*
115 | 
116 | * [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
117 | * [GHIDRA](https://ghidra-sre.org/)
118 | * [Binary Ninja](https://binary.ninja/)
119 | * [Radare](http://www.radare.org/r/)
120 | * [Hopper](http://hopperapp.com/)
121 | * [Capstone](http://www.capstone-engine.org/)
122 | * [objdump](http://linux.die.net/man/1/objdump)
123 | * [fREedom](https://github.com/cseagle/fREedom)
124 | 
125 | ## Binary Analysis
126 | 
127 | *Binary Analysis Resources*
128 | 
129 | * [Mobius Resources](http://www.msreverseengineering.com/research/)
130 | * [z3](https://z3.codeplex.com/)
131 | * [bap](https://github.com/BinaryAnalysisPlatform/bap)
132 | * [angr](https://github.com/angr/angr)
133 | 
134 | ## Bytecode Analysis
135 | 
136 | *Bytecode Analysis Tools*
137 | 
138 | * [dnSpy](https://github.com/0xd4d/dnSpy)
139 | * [Bytecode Viewer](https://bytecodeviewer.com/)
140 | * [Bytecode Visualizer](http://www.drgarbage.com/bytecode-visualizer/)
141 | * [JPEXS Flash Decompiler](https://www.free-decompiler.com/flash/)
142 | 
143 | ## Import Reconstruction
144 | 
145 | *Import Reconstruction Tools*
146 | 
147 | * [ImpRec](http://www.woodmann.com/collaborative/tools/index.php/ImpREC)
148 | * [Scylla](https://github.com/NtQuery/Scylla)
149 | * [LordPE](http://www.woodmann.com/collaborative/tools/images/Bin_LordPE_2010-6-29_3.9_LordPE_1.41_Deluxe_b.zip)
150 | 
151 | ## Dynamic Analysis
152 | 
153 | *Dynamic Analysis Tools*
154 | 
155 | * [ProcessHacker](http://processhacker.sourceforge.net/)
156 | * [Process Explorer](https://technet.microsoft.com/en-us/sysinternals/processexplorer)
157 | * [Process Monitor](https://technet.microsoft.com/en-us/sysinternals/processmonitor)
158 | * [Autoruns](https://technet.microsoft.com/en-us/sysinternals/bb963902)
159 | * [Noriben](https://github.com/Rurik/Noriben)
160 | * [API Monitor](http://www.rohitab.com/apimonitor)
161 | * [iNetSim](http://www.inetsim.org/)
162 | * [SmartSniff](http://www.nirsoft.net/utils/smsniff.html)
163 | * [TCPView](https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview)
164 | * [Wireshark](https://www.wireshark.org/download.html)
165 | * [Fakenet](http://practicalmalwareanalysis.com/fakenet/)
166 | * [Volatility](https://github.com/volatilityfoundation/volatility)
167 | * [Dumpit](http://www.moonsols.com/products/)
168 | * [LiME](https://github.com/504ensicsLabs/LiME)
169 | * [Cuckoo](https://www.cuckoosandbox.org/)
170 | * [Objective-See Utilities](https://objective-see.com/products.html)
171 | * [XCode Instruments](https://developer.apple.com/xcode/download/) - XCode Instruments for Monitoring Files and Processes [User Guide](https://developer.apple.com/library/watchos/documentation/DeveloperTools/Conceptual/InstrumentsUserGuide/index.html)
172 | * [dtrace](http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/) - sudo dtruss = strace [dtrace recipes](http://mfukar.github.io/2014/03/19/dtrace.html)
173 | * [fs_usage](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/fs_usage.1.html) - report system calls and page faults related to filesystem activity in real-time.  File I/O: fs_usage -w -f filesystem
174 | * [dmesg](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/dmesg.8.html) - display the system message buffer
175 | 
176 | ## Debugging
177 | 
178 | *Debugging Tools*
179 | 
180 | * [WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx)
181 | * [OllyDbg v1.10](http://www.ollydbg.de/)
182 | * [OllyDbg v2.01](http://www.ollydbg.de/version2.html)
183 | * [OllySnD](https://tuts4you.com/download.php?view.2061)
184 | * [Olly Shadow](https://tuts4you.com/download.php?view.6)
185 | * [Olly CiMs](https://tuts4you.com/download.php?view.1206)
186 | * [Olly UST_2bg](https://tuts4you.com/download.php?view.1206)
187 | * [x64dbg](http://x64dbg.com/#start)
188 | * [gdb](https://www.gnu.org/software/gdb/)
189 | * [vdb](https://github.com/vivisect/vivisect)
190 | * [lldb](http://lldb.llvm.org/)
191 | * [qira](http://qira.me/)
192 | * [unicorn](https://github.com/unicorn-engine/unicorn)
193 | 
194 | ## Mac Decrypt
195 | 
196 | *Mac Decrypting Tools*
197 | 
198 | * [Cerbero Profiler](http://cerbero-blog.com/?p=1311) - Select all -> Copy to new file
199 | * [AppEncryptor](https://github.com/AlanQuatermain/appencryptor) - Tool for decrypting
200 | * [Class-Dump](http://stevenygard.com/projects/class-dump/) - use deprotect option
201 | * [readmem](https://github.com/gdbinit/readmem) - OS X Reverser's process dumping tool
202 | 
203 | ## Document Analysis
204 | 
205 | *Document Analysis Tools*
206 | 
207 | * [Ole Tools](http://www.decalage.info/python/oletools)
208 | * [Didier's PDF Tools](http://blog.didierstevens.com/programs/pdf-tools/)
209 | * [Origami](https://github.com/cogent/origami-pdf)
210 | 
211 | ## Scripting
212 | 
213 | *Scripting*
214 | 
215 | * [IDA Python Src](https://github.com/idapython/src)
216 | * [IDC Functions Doc](https://www.hex-rays.com/products/ida/support/idadoc/162.shtml)
217 | * [Using IDAPython to Make your Life Easier](http://researchcenter.paloaltonetworks.com/tag/idapython/)
218 | * [Introduction to IDA Python](https://tuts4you.com/download.php?view.3229)
219 | * [The Beginner's Guide to IDA Python](https://leanpub.com/IDAPython-Book)
220 | * [IDA Plugin Contest](https://www.hex-rays.com/contests/)
221 | * [onehawt IDA Plugin List](https://github.com/onethawt/idaplugins-list)
222 | * [pefile Python Library](https://github.com/erocarrera/pefile)
223 | 
224 | ## Android
225 | 
226 | *Android tools*
227 | 
228 | * [Android Studio](http://developer.android.com/sdk/index.html)
229 | * [APKtool](http://ibotpeaches.github.io/Apktool/)
230 | * [dex2jar](https://github.com/pxb1988/dex2jar)
231 | * [Bytecode Viewer](https://bytecodeviewer.com/)
232 | * [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
233 | * [JaDx](https://github.com/skylot/jadx)
234 | 
235 | ## Yara
236 | 
237 | *Yara Resources*
238 | 
239 | * [Yara docs](http://yara.readthedocs.org/en/v3.4.0/writingrules.html)
240 | * [Cheatsheet](https://gist.github.com/0xtyh/eeabc765e9befad9b80a)
241 | * [yarGen](https://github.com/Neo23x0/yarGen)
242 | * [Yara First Presentation](https://www.first.org/resources/papers/conference2014/first_2014_-_schuster-_andreas_-_yara_basic_and_advanced_20140619.pdf)
243 | 
244 | Please have a look at
245 | * [Top Hacking Books](http://www.kalitut.com/2016/12/best-ethical-hacking-books.html)
246 | * [Top Reverse Engineering Books](http://www.kalitut.com/2017/01/Best-reverse-engineering-books.html)
247 | * [Top Machine learning Books](http://www.kalitut.com/2017/01/machine-learning-book.html)
248 | * [Top 5 books Programming Books](http://www.kalitut.com/2017/01/Top-Programming-Books.html)
249 | * [Top Java Books](http://www.kalitut.com/2017/01/Best-Java-Programming-Books.html)
250 | 
251 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "reverse-engineering",
 3 |   "version": "1.0.0",
 4 |   "description": "A curated list of awesome reversing resources",
 5 |   "main": "index.js",
 6 |   "scripts": {
 7 |     "test": "remark README.md -f"
 8 |   },
 9 |   "repository": {
10 |     "type": "git",
11 |     "url": "git+https://github.com/wtsxDev/reverse-engineering.git"
12 |   },
13 |   "keywords": [
14 |     "reverse-engineering",
15 |     "engineering",
16 |     "reverse"
17 |   ],
18 |   "author": "wtsxDev",
19 |   "license": "",
20 |   "bugs": {
21 |     "url": "https://github.com/wtsxDev/reverse-engineering/issues"
22 |   },
23 |   "homepage": "https://github.com/wtsxDev/reverse-engineering#readme",
24 |   "dependencies": {
25 |     "remark": "^8.0.0",
26 |     "remark-cli": "^4.0.0",
27 |     "remark-lint": "^6.0.0",
28 |     "remark-lint-alphabetize-lists": "^2.0.0",
29 |     "remark-lint-are-links-valid-alive": "^0.2.1",
30 |     "remark-lint-are-links-valid-duplicate": "^0.2.1",
31 |     "remark-preset-lint-recommended": "^3.0.0"
32 |   },
33 |   "remarkConfig": {
34 |     "plugins": [
35 |       "remark-preset-lint-recommended",
36 |       [
37 |         "remark-lint-list-item-indent",
38 |         "space"
39 |       ],
40 |       "remark-lint-alphabetize-lists",
41 |       "remark-lint-are-links-valid-duplicate",
42 |       "remark-lint-are-links-valid-alive"
43 |     ],
44 |     "settings": {
45 |       "commonmark": true
46 |     }
47 |   }
48 | }
49 | 


--------------------------------------------------------------------------------