1. #1
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,590

    Reverse Engineering Papers/Tutorials

    Prerequisites:


    • Strong Understanding of Windows Internals
    • Strong Understanding of Assembly


    Please note the information within this post is unlikely to be suitable for beginners who have just started to learn about the internals of Windows and operating systems.

    This a repository of .PDFs I have collected, which can be downloaded from SkyDrive account:

    https://skydrive.live.com/?mkt=en-GB...E8FE03DB78!105

    I have a few others which are loosely related to Security, but they lean more on Windows Internals. I currently have 325MB (397 files, 39 folders) of .PDFs and Word/PowerPoint files

    There's some papers I haven't read yet and had simply forgotten about them, looks like I have reading to do too!

    Blogs/Links:

    Most of these blogs can be found on my own blog in the Blogroll section, but I'll post them here for accessibility:




    KernelMode.Info is a forum which has some good material and questions related to Reverse Engineering. I would also suggest looking at Corelan Team's website.

    Tools:

    I have personally been practicing with OllyDbg (User-Mode only) and IDA (Freeware version). There may be some other tools too, but since this isn't my field of expertise and I'm still learning how to use some of the tools, I may have missed some key tools for Malware Analysis. You can use WinDbg too, and I believe there may be some WinDbg plug-ins for IDA Pro.

    - OllyDbg
    - IDA
    Corrine, Patrick, mgrzeg and 2 others say thanks for this.
    Machines Can Think

    I am currently studying again, and therefore may not be available very often.



    • Ad Bot

      advertising
      Beep.

        
       

  2. #2

    Re: Reverse Engineering Papers/Tutorials

    My registration to KernelMode still hasn't been manually activated, so I think I am going to re-register.

  3. #3
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,590

    Re: Reverse Engineering Papers/Tutorials

    Quote Originally Posted by Patrick View Post
    My registration to KernelMode still hasn't been manually activated, so I think I am going to re-register.
    That's what happened to me, I had to register a different account and then I was able to access the file attachments.
    Machines Can Think

    I am currently studying again, and therefore may not be available very often.


  4. #4
    jcgriff2's Avatar
    Join Date
    Feb 2012
    Location
    New Jersey Shore
    Posts
    14,518

    Re: Reverse Engineering Papers/Tutorials


    Don't forget about John Carrona's (usasma) site - http://www.carrona.org

    And his Driver Reference Table (DRT) - http://www.carrona.org/dvrref.html

    DRT is mirrored here at Sysnative Forums - http://www.sysnative.com/drivers

    BSOD Posting Instructions - Windows 10, 8.1, 8, 7 & Vista ` ` `Carrona Driver Reference Table (DRT)
    https://www.sysnative.com/
    Sysnative Hex-Decimal-UNIX Date Conversion

    Has Sysnative Forums helped you?
    Please consider donating to help support the forum.
    Thank You!

    Microsoft MVP 2009-2015

  5. #5

    Re: Reverse Engineering Papers/Tutorials

    Another good RE blog - Alex Ionescu?s Blog

  6. #6
    niemiro's Avatar
    Join Date
    Mar 2012
    Location
    District 12
    Posts
    7,716

    Re: Reverse Engineering Papers/Tutorials

    Quote Originally Posted by Patrick View Post
    Another good RE blog - Alex Ionescu?s Blog
    And another two whilst on the topic of Windows Internals (not so directly reverse engineering):

    MSDN Blogs
    The Old New Thing - Site Home - MSDN Blogs

    Which are quite well circulated around these parts already, but may as well collect them here too.

  7. #7

    Re: Reverse Engineering Papers/Tutorials

    The MSDN ntdebugging blog is one of my personal favorites.

  8. #8
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,590

    Re: Reverse Engineering Papers/Tutorials

    I read Alex Ionescu's blog and the NtDebugging Blog
    Machines Can Think

    I am currently studying again, and therefore may not be available very often.


  9. #9
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,590

    Re: Reverse Engineering Papers/Tutorials

    I'm organising all the files I have downloaded, and renaming some of the files with useful names instead of lect01.comp which doesn't really define the topic. I'll post a new link when I've finished.
    niemiro and jcgriff2 say thanks for this.
    Machines Can Think

    I am currently studying again, and therefore may not be available very often.


Similar Threads

  1. Replies: 0
    Last Post: 02-17-2013, 07:49 PM
  2. Replies: 0
    Last Post: 12-01-2012, 06:41 PM
  3. Replies: 0
    Last Post: 08-01-2012, 04:22 PM

Log in

Log in