Resources

Reference Texts

General:

• Practical Reverse Engineering
• Secrets of Reverse Engineering
• x86 Software Reverse Engineering

Malware Analysis:

• Practical Malware Analysis
• Mastering Malware Analysis

Firmware:

• Rootkits and Bootkits

Exploitation:

• Hacking: The Art of Exploitation
• Shellcoders Handbook

Windows:

• Windows Internals 1
• Windows Internals 2
• Rootkit Arsenal

Cryptography:

• Serious Cryptography
• Real-World Cryptography

Protocols:

• Attacking Network Protocols

Binary Analysis:

• Practical Binary Analysis

IOT:

• Practical IOT Hacking
• The IoT Hacker’s Handbook

Hardware:

• Hardware Hacker’s Handbook

Miscellaneous:

• Introduction to Cyber-Warfare
• The Ghidra Book
• Julia Evans’ Comics
• Crackme Challenges
• SEED Labs
• HTML Preview

Pages with More Links

• Paul Veillard (Github)
  • Ethical Hacking Links
• Awesome InfoSec
• CSIRT-MU
• Untrusted Network Resources
• Awesome Malware Analysis

Other Learning Platforms

• MalDev academy
• Vx underground malware code
• pwn.college

Reverse Engineering

• learning-reverse-engineering (Github) by thecyberyeti

Assembly Language

• Intro to Computer Organization
• Intel vs. AT&T Assembly Syntax
• Learn X86 Assembly
• GNU as i386/x64 Manual
• GNU Assembler Examples
• ARM Assembly By Example
• Amd64 Programmers Manual (Vol. 1)
• Intel Programmers Manuals (Vol. 2)
• Compiler Explorer | Decompiler Explorer
• Visual ARM Emulator
• x86_64 Playground

Static Analysis

• Linux Executables (readelf/GNU binutils)
• Windows Executables (petools)
• Ghidra
• Binaryninja

Dynamic Analysis

• LD_PRELOAD CTF Tools
• LD_PRELOAD Tricks
• More LD_PRELOAD Tricks
• Calling Convention / ABI

GDB UI Improvements

• pwndbg
• gef

Vulnerability Analysis

• Insecure Programming
• Hacksplaining

Windows

• Zimmerman Tools
• PEBear
• Windows Sysinternals
  • Process Monitor (procmon)
• DLLSpy
• NTcore
• PEstudio
  • Usage blogs:
  • Varonis
  • SANS

Networking

• Wireshark
• NetworkMiner
• PacketTotal

Blogs

• Shared Libraries
• Parsing ELF Headers w/ Rust
• Exploring Mach-O
• Analyzing ELF Headers
• ELF Segments & Sections
• d10a pikabot analysis
• Advanced Malware Analysis
• Shell Storm
• Geoff Chappel, Software Analyst
• Dll Injection Using LoadLibrary
• Varonis: How to use Ghidra
• Varonis: How to use x64dbg
• Varonis: Unpack malware w/ x64dbg
• devttys0’s blog
• Quarkslab
• Malware Tech (Marcus Hutchins)
• Untrusted Network
• SANS Institute
  • Start Learning Malware Analysis

CTF Resources

• Google: “List of CTFs”
• Trail of Bits
• CTF Time Writups
• Google CTF Beginners Intro

Cryptography

• CryptoPals Challenges

Malware

• Virus Total
• @malwareunicorn Workshops
• Malware Traffic Analysis
• Windows API Calls
• Run-Time Dynamic Linking
• Windows API Hashing
• Remnux: A linux toolkit for malware analysis
• Commonly Used by Malware:
  • File Extensions
  • Api Calls
  • Trusted Domain Names
• Living Off The Land techniques
• GTFOBins
• Historical Malware Information

Android

• Maddie Stone’s Android App RE 101

Filesystems

• Understanding Filesystems
• FreeBSD Docs on ZFS

Return-Oriented-Programming

• ROPemporium Beginners Guide

Golang Reversing

• Ghostrings

Supplemental Lectures

• AT&T vs. Intel Assembly
• Reversing Tips + Golang

Site Tools

• File Tool