If You Want To Learn How To Reverse Engineer You Should Start

How can I start learning about reverse engineering?

What kind of reverse engineering you want to accomplish?Software Reverse Engineering? Device Driver’s Reverse Engineering? Integrated Circuit’s firmware Reverse Engineering? A mechanical Motor Reverse Engineering?The answer to your question will depend on what’s the target you want to reverse. I’ll consider you mean Software Reverse Engineering.In order to start your way in Software Reverse Engineering, you shall have a strong base understanding of the following topics:The Processor Architecture on which your target software runs on.The Compiler your target software was compiled with.The Executable Image Structure of your target executable file.The language(s) your target software was written in.The first one - Processor’s Architecture - is the most important one, since when you are dealing with any closed-source software, you are working on the machine-generated code that was the output from the compiler of the language the software was written in. The more you know about the processor, the more easier you will be able to handle, intercept, and analyze the code.Also, knowledge of the compiler is too important for some anti-disassembling techniques that might be a (hard) obstacle in your reversing journey.Knowledge of the executable file format of the OS your target runs on is an important aspect too, that reveals a treasure of information about the file being executed, for instance you will most probably need to know the table(s) that points to the different imported/exported modules that the software needs to run the way it’s intended to, or the functions’ list that are used in the executable file.Finally, sometimes if you knew in which language the software was written in, that will make easy for you to go directly to analyze specific parts of the code, instead of wasting a lot of time on stepping through every single instruction.So Reverse Engineering doesn’t have a book that teaches you to follow some steps and you will successfully be able to reverse a specific software/file. As you can see, it strongly depends on your understanding of the environment in which the executable file runs.I strongly suggest the following books as further readings on some reversing tricks/anti-tricks:Reversing: Secrets of Reverse Engineering: Eldad Eilam: 8601300478531: Amazon.com: BooksPractical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software: Michael Sikorski, Andrew Honig: 8601400885581: Amazon.com: Books

How do I start learning reverse engineering software?

I will answer your question supposing that reverse engineering points to the process of going backward from an executable machine code to a source code or similar jobs (sniffing network data to understand what’s going on etc.)However, I believe RE is wider and here it is as defined in wikipedia:Reverse engineering, also called back engineering, is the processes of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted informationIMHO, is that you can’t learn Reverse-Engineering until you learn Engineering.That doesn’t mean you have to be an excellent engineer (i.e programmer), but you must at least learn programming and specially:Computer architectures,Design and implementation of modern operating systems,x86 Assembly, C, C++.CompilersEmbedded systemsTCP/IP and common networking.Reverse engineering tools which are mainly debuggers and decompilers.You know, Reverse-Engineering is not an easy field, it requires both strong knowledge and good sense.It also requires a lot of patience, but also I can confirm that a lot of fun is guaranteed.

How can I learn reverse engineering?

1. Read this ebook:https://vxheaven.org/lib/pdf/Ide...Reverse Engineering: The Viral Approach2. Play with IDA Pro, or objdump to disassemble the binary.3. Play with QEMU emulator, and setup an virtual environment for yourself to step through the program or just run the program. Or VMWare, or VirtualBox. The key to RE is that anything unknown should be treated as malicious. And if the binary want to connect back to some server, perhaps you should intercept the traffic to capture the content, or emulate the server if possible.4. Debugger: breakpoint by address, data - these are among the most important knowledge to master when reversing.5. Master commercial debugger like Immunity Debugger (lots of features which facilitate RE):Immunity Debugger6. Generally, you cannot RE everything, but just identify a target for yourself, eg, finding the key in memory, go straight into the target.Sep2016 Update:learn gdb 7.0: Reversible debugging: GDB and Reverse DebuggingHow does reverse debugging work?Talk and learn from other reverser: Welcome to the longest running and most complete Crackmes web page on the internet.Activity Stream - RCE Messageboard's RegroupmentWelcome to VX Heaven! (this site have lots of anti-RE stuff)In the past is Wotsit: where you can find out all the internal details of different files like pdf, ppt, xls etc. Now it has died: Where to find information about a file format?Check out all the unanswered RE questions: Highly Voted Unanswered QuestionsAll the RE related stuff at reddit website: Reverse Engineering • /r/ReverseEngineeringAnd googling for the Books:http://www.foo.be/cours/dess-201...http://www.radintech.com/attachm...

I want to learn PYTHON language for reverse engineering purpose but I don't know anything about it so how can I start learning and from where?

Edit: Found this nice resource Reverse Engineering for BeginnersThere are two aspects to this first is Reverse Engineering/Netsec and second one is Python specific.There is a great community on reddit for related topic of network security /r/netsec, it is going to take you a while to understanding whats what. Nevertheless keep going there weekly and read stuff, given enough time one fine day you will find yourself connecting the dots. To do reverse engineering you have to know how things have been engineered in first place and how  stuff works in general. E.g. How does HTTPS works? What is a client server architecture? What is Cryptography? etc.For python specific I would recommend reading: Python arsenal for Revere EngineeringTwo cents: Keep it simple, start small (don't try to do something too ambitious). Keep taking a baby step forward each day.

How or where can I learn reverse software engineering?

The best place to start is your own C or C++ programs. Learn how to use various disassemblers (e.g. ndisasm and objdump) and decompilers (e.g. IDA Pro and Hopper) and debuggers (e.g. gdb and valgrind). With your own programs, you already know what they’re supposed to do and what the original source code looks like. You can readily modify the source code and compiler flags to adjust the output (e.g. include debugging symbols).Some good resources:Reverse Engineering Stack Exchange for reading/asking questionsCompiler Explorer for exploring compiler outputReverse Engineering | Penetration Testing Tools for a range of FOSS reverse engineering toolsAside from knowing ASM and how compilers work really well and mastering the aforementioned tools, you may also need to learn how to reverse engineer network traffic. Tools like WireShark and Fiddler are incredibly useful, though sniffing encrypted traffic is tough. If the client application is written decently, you’ll definitely need the private key of the server to snoop the traffic. But some network games do allow you to snoop on their traffic this way, and with your own local proxy, you can start messing around with the communication and gradually figure out the communication protocol and make it do what you want.

What are the things that I need to learn first to be able to do reverse engineering?

It depends on the “engineering” you want to reverse.If you target the networking field, then you should have a strong understanding of the different networking layers, the OSI model. Reading books as TCP/IP illustrated is very helpful. You can then jump to reversing tools like WireShark or Ettercap.If you target computer software and executable reversing, then this is a different wild.You should have a very deep understanding of the computer architecture in general, how Operating systems work, how a program is run, its different memory areas (data, heap, stack..).You also must known by heart the design of the processor you are working with, whether it is a x86 Intel, ARM or something else.You also should know how to write in C like a boss, know how to debug what you compiled and know even how to rewrite it in assembly.Tools like IDA or SoftICE are your allies, and OS distributions like Kali Linux are your playground.I know you might hear teens tinkering with the Metasploit framework or wiring some 0day exploits to break into some computers are called hackers. My opinion is a reverse-engineer is someone else. It takes time and patience, with a dedicated and precise mindset.Good Luck!

Should a software developer (software engineer) learn reverse engineering and why?

I learnt to reverse engineer software as an intellectual exercise, and used it several times when software suppliers wouldn't fix bugs or had undesirable side effects. Some examples…dBase 4 had a bug that listed file dates as a.m. instead of p.m. when after 16.00. I created a patch to fix.A barcode reader program gave the wrong answer under certain conditions, again the suppliers weren't interested once they'd got the sale. I reverse engineered the compiled dBase3 program, fixed it, and recompiled it.I also removed copy protection from several PC programs that used key disks to work. This was to ensure they continued working regardless of the key disk, NOT to sell bootleg copies.Give me the binary of any app, and (with the right motivation) I can reverse engineer it - dBase, C/C++, ROMs, even IBM's data encryption programs and their read-protected memory.