This repository contains several programs designed to help you in learning reverse engineering and malware anlaysis. The type of program is organized by concept it is focused, you can see this through the root folder structure. Source code along with compiled binaries are provided in each directory.
I discuss many of these programs through online videos and courses and you may find the following helpful:
-
Getting Started with x86 Assembly - YouTube Playlist
-
Getting Started with Reverse Engineering - YouTube Playlist and full courses on Pluralsight
-
Analyzing C++ objects in Ghidra - YouTube playlist
-
Analyzing C Structures in IDA Pro - YouTube playlist
-
Essential Elements of the Portable Executable (PE) file - YouTube playlist
- sclauncher: A shellcode launcher and debugging tool
These programs are intended to be compiled with the C/C++ compiler from Microsoft. You can use the Developer Command Prompt after installing the free/community version to compile using cl. An example of this command would be:
cl <path/to/source_code>
This should produce two files: .obj and .exe using the name of the input file. You can typically ignore the .obj file, the .exe is what you will analyze. Please note, occassionally specific compiler flags are used to obtain desired affects in the resulting binary. These compiler flags will be identified in the related videos or noted in the README in the specific folder.