Hello, My Little Roadmap: 1) Choose your architecture (intel, arm, etc) 2) Choose your platform (windows, android, etc) 3) Choose your target compiled language (c/c++, go, etc) 4) Learn how binaries live in operating systems (memory layout, start_main, binary format, etc) 5) Learn to map high level abstractions and Low level constructs, which is all the game of reversing (work with, different compiler options, different compiler, non-stripped versus stripped versions, etc) Workflow of RE: 0) gather the binary for metadata 1) gather symbols and strings 2) gather addresses and entry points 3.a) exploredynamically the process (loadtime, runtime) 3.b) map asm constructs with high level abstractions 4) turn things into RE knowledge Applied RE knowledge: -> decompilation -> modification -> documentation -> reproduction -> exploitation -> forensics -> plagarism -> any research Kisses!
@@volks8426 I also agree, but I would prefer to use some dark-mode-command-line dissasembler, may be Radare2 since it fits and runs in every miserable hardware you can find, I actually hate Ghidra since it's not only heavy for your machine but ugly, you can't set any dark-theme to avoid burning your eyes.
imo its also important for people that are new to self teaching things in general to make sure they learn at a very slow and steady pace and take small steps. when i had just started reverse engineering i struggled a lot because i tried to learn too much too fast and ended up understanding nothing. remember learning a little bit everyday beats trying to learn a lot in one day! :D
I have never found a chanel more promising than this, while I have been tinkering around and learning myself, I have never been as much informed and directed as I have here on your channel.
Few suggestions for anyone who wants to start with x86-x64 asm rce. 1. find a resource that just explains what instruction does like intel manuals or some library. You will always go back to them anyway until far into the future. Probably even then. Don't learn how to write code in assembly. Do that much later if you want. 2. learn about 25 - 30 "main" instructions and that is enough for starting. Doing that will ease your way into the language and when you need help, reference intel manuals or some other easy to access instruction library. 3. write a program yourself in C\CPP and include everything you can think off - datatypes, functions, arithmetic operations, loops, structs, pointers, etc... Basically a "DisassembleMe.cpp". Disassemble it in IDA and apply your knowledge there and go slow. See how loops are represented, how functions are called with simple (a+b), etc... 4. Add more stuff to DisassembleMe.cpp and keep going until you are comfortable enough to start adding WINAPI functions. Keep going. It is not easy and it was never meant to be easy but there it is. Save yourself countless dollars and TIME and start disassembling. It will be hard at first but if you push on you will be able to reverse other applications where source is not available. Good luck.
Thanks for making this series. Really appreciate the wisdom, and already learned a few things from the part 1 and part 2 videos. Liked the starting at the end and working back to find Windows main!
This is super informative. I've always liked the concept. I know diff languages here and there so being able to read it is nice. But this is gonna help me in the long run. More vids Marcus pls brother. Much love!!
Truly speaking for me, there is nothing that can replace the reverse engineering section of Practical Malware Analysis also writing and reversing small C programs. That was just my experience though. I really liked your previous videos about reverse engineering challenges and it was very helpful seeing your thought process. Specifically when you mentioned something about string stacking and related it to how it is used by malwares. Now whenever I see it somewhere, I just remember Markus talked about this. It was Lit! Looking forward to the new videos. Perfect timing since it is summer soon. Very exited!
That's some good mindset for resources & learning You're right, what matters is that if something was learned from a resource, that's a positive Good video!
Great video, I always found myself frustrated by resources that didn't explain all the terminology used. This was something that often made me feel overwhelmed.
Nice video I am excited to see more cool videos her. I was just learning Assembler in preperation for my RE course at University and found Yurichevs Book for the Basic Patterns in Assembly and the godbolt compiler explorer the most helpful :D
Thank you Marcus, Indeed you are an inspiration to many of us. Kindly in the next video, please show us examples or scenarios of practicing Reverse Engineering. Also, what books do you recommend for learning Assembly and C programming? Thank you please.
Hi Marcus I come from France and it's been a long time since I know your story and it always impressed me to destroy viruses like wannacry and I also wanted to tell you that you were the boss, always good 😁😁
I just found some interesting malware samples and tore them apart to the best of my ability. It’s definitely not the most efficient way to learn Assembly, but I’ve found it fun. (Also - I’ve learned that reverse engineering is sorta a last resort in malware analysis. It definitely has its place, but only alongside other techniques/tricks)
quite enjoyed this video. thank you. if you could provide some more technical overview of this that would be great too. i've been following Colin Hardy, here on youtube, and if you did the same format, i would love it!
Dude... Your Vids are Awesome... You should be teaching courses for the idiots I mean the authorities on cyber forensics... Thank you! I'd pay to take your classes!
Man, i like your manner of speaking. It's quiet and to the point. Personally, the videos where the host starts with a loud voice and acts very excited tires me out. I guess I'm not a dog person - more of a cat person.
This video has some tips that could be helpful even if you're not a complete beginner. The baby face and your voice does make it seem like you're trying not to wake up your parents though LOL
@@MalwareTechBlog Instead of buying a new mic, I would suggest you to try the Air plugin from slate digital virtual mix rack. It helped me a lot when editing the audio for an interview video recorded with poor mic placement. It makes your voice sound more like it was projected into the mic. Hope it helps
very good video. why don't you teach on youtube and earn money on youtube and patreon? you could earn more, you know? or go to ciso. hacking is not a job but a way of life. you could be a ciso or a ceo and have and use those skills outside of the main job. 🌍🌎🌏 hack the planet. love your videos
Two thumbs up on taking advantage of multiple learning methods. Sometimes I like to watch a lecture or someone do something, other times I like to read in documentation at cppreference.com. Other times I watch hardware hacker projects like Ben Eater does to get the idea of how memory and cpu interact. Then it really comes together when I write a little tool to do something or figure out how to modify an existing tool.
Наука
thanks for whispering in the video i was worried my mom might wake up :)
haha
@@duck3921 you cyberduck from twitter?
XD
🤣🤣🤣
Hello,
My Little Roadmap:
1) Choose your architecture (intel, arm, etc)
2) Choose your platform (windows, android, etc)
3) Choose your target compiled language (c/c++, go, etc)
4) Learn how binaries live in operating systems (memory layout, start_main, binary format, etc)
5) Learn to map high level abstractions and Low level constructs, which is all the game of reversing (work with, different compiler options, different compiler, non-stripped versus stripped versions, etc)
Workflow of RE:
0) gather the binary for metadata
1) gather symbols and strings
2) gather addresses and entry points
3.a) exploredynamically the process (loadtime, runtime)
3.b) map asm constructs with high level abstractions
4) turn things into RE knowledge
Applied RE knowledge:
-> decompilation
-> modification
-> documentation
-> reproduction
-> exploitation
-> forensics
-> plagarism
-> any research
Kisses!
Who asked😅
I asked
me@@omegasmindset
Let me know what you'd like to see me do a video on next!
Sorry for super quiet sound, my mic was facing wrong direction >_
Same type of vid but now taking this re knowledge and going into malware analysis. Good vid!
Or u can do a walkthrough of coding something quick in C and showing us ur thought process on how u would pick it apart in a disassembler.
@@volks8426 Great idea!
Marcus may you show how to run a dynamic analysis via ghidra? I heard it actually is possible to do dynamic on top of static analysis
@@volks8426 I also agree, but I would prefer to use some dark-mode-command-line dissasembler, may be Radare2 since it fits and runs in every miserable hardware you can find, I actually hate Ghidra since it's not only heavy for your machine but ugly, you can't set any dark-theme to avoid burning your eyes.
Marcus is an international treasure. He should be protected by all means!
I wish you knew how your story inspired me to go into cybersecurity deeper and fierce
RIGHT?? Me too!!
imo its also important for people that are new to self teaching things in general to make sure they learn at a very slow and steady pace and take small steps. when i had just started reverse engineering i struggled a lot because i tried to learn too much too fast and ended up understanding nothing. remember learning a little bit everyday beats trying to learn a lot in one day! :D
Well said and thanks for the advice! :X
I’d say that I 110% resemble that statement,,, lol.
I'm starting to learn reverse engineering and low-level, this is really helpfull. Thanks for the great content!!
I have never found a chanel more promising than this, while I have been tinkering around and learning myself, I have never been as much informed and directed as I have here on your channel.
i have been waiting for this video for so long thank you!
Few suggestions for anyone who wants to start with x86-x64 asm rce.
1. find a resource that just explains what instruction does like intel manuals or some library. You will always go back to them anyway until far into the future. Probably even then.
Don't learn how to write code in assembly. Do that much later if you want.
2. learn about 25 - 30 "main" instructions and that is enough for starting. Doing that will ease your way into the language and when you need help, reference intel manuals or some other easy to access instruction library.
3. write a program yourself in C\CPP and include everything you can think off - datatypes, functions, arithmetic operations, loops, structs, pointers, etc... Basically a "DisassembleMe.cpp". Disassemble it in IDA and apply your knowledge there and go slow. See how loops are represented, how functions are called with simple (a+b), etc...
4. Add more stuff to DisassembleMe.cpp and keep going until you are comfortable enough to start adding WINAPI functions. Keep going.
It is not easy and it was never meant to be easy but there it is. Save yourself countless dollars and TIME and start disassembling. It will be hard at first but if you push on you will be able to reverse other applications where source is not available. Good luck.
brilliant stuff mate. you're a gem of the community.
Thanks for making this series. Really appreciate the wisdom, and already learned a few things from the part 1 and part 2 videos. Liked the starting at the end and working back to find Windows main!
Thank you, Marcus. I've already taken a beginner course on Open SSL and C. I have so much more to learn and your guidance is greatly appreciated.
Your honesty is much appreciated..... Good luck
cool to see you making a video like this
This is super informative. I've always liked the concept. I know diff languages here and there so being able to read it is nice. But this is gonna help me in the long run. More vids Marcus pls brother.
Much love!!
Thank you so much, please keep uploading whenever you get time. Thanks again
this guys channel is a literal goldmine of information
Marcus ASMR for reversers engineers.
Serious: Keep up the good work!
Truly speaking for me, there is nothing that can replace the reverse engineering section of Practical Malware Analysis also writing and reversing small C programs. That was just my experience though. I really liked your previous videos about reverse engineering challenges and it was very helpful seeing your thought process. Specifically when you mentioned something about string stacking and related it to how it is used by malwares. Now whenever I see it somewhere, I just remember Markus talked about this. It was Lit! Looking forward to the new videos. Perfect timing since it is summer soon. Very exited!
Been waiting on this one!
I really really want you to stay happier, I liked not because of that but instead I agree on everything you said. XD
this was so awesome - Thank you very much for sharing your knowledge. :)
That's some good mindset for resources & learning
You're right, what matters is that if something was learned from a resource, that's a positive
Good video!
Thanks for giving us the right path
Great video, I always found myself frustrated by resources that didn't explain all the terminology used. This was something that often made me feel overwhelmed.
Nice video I am excited to see more cool videos her.
I was just learning Assembler in preperation for my RE course at University and found Yurichevs Book for the Basic Patterns in Assembly and the godbolt compiler explorer the most helpful :D
Awesome man, I'm currently a web developer and I wanted to try to learn reverse engineering as a hobby.
Wow this was very insightful for an introduction video
Thank you for sharing
Thank you Marcus,
Indeed you are an inspiration to many of us.
Kindly in the next video, please show us examples or scenarios of practicing Reverse Engineering.
Also, what books do you recommend for learning Assembly and C programming?
Thank you please.
Hi Marcus I come from France and it's been a long time since I know your story and it always impressed me to destroy viruses like wannacry and I also wanted to tell you that you were the boss, always good 😁😁
thanks marcus is very important your recomendations
I just found some interesting malware samples and tore them apart to the best of my ability. It’s definitely not the most efficient way to learn Assembly, but I’ve found it fun.
(Also - I’ve learned that reverse engineering is sorta a last resort in malware analysis. It definitely has its place, but only alongside other techniques/tricks)
very informative video thanks brother
One way to learn assembly could be to buy something like a PIC and programme it to do random things like lighting a series of LEDs..
Thank you!
quite enjoyed this video. thank you. if you could provide some more technical overview of this that would be great too. i've been following Colin Hardy, here on youtube, and if you did the same format, i would love it!
series of tutorial on reverse engineering ( for beginners) would be ideal…
First comment and view Legend👑
I love how relaxing you sound almost like asmr lol
If you're happy, then I'm happy.
My advice: read material thoroughly (slowly?) and practice.
wow, the man who stopped wannacry is teaching me reverse engineering tips... neat!
lets go!
Dude... Your Vids are Awesome... You should be teaching courses for the idiots I mean the authorities on cyber forensics... Thank you! I'd pay to take your classes!
respect
Fr dawg fr
Hey Marcus Which language you recommend to making my own tools ?
♥️
can we get a malwaretech asmr vid?
do you have any idea about FBDL , SSRF tool and ather tools to be a Bug hunter ?
0:40 I'm Brazilian 🇧🇷, I didn't know that this "Nazaré Tedesco" meme was famous internationally 😂😂😂😂
Hey Marcus do we need to a VM to do reverse engineering inside that?
Probably safer way of doing it if looking at malware
Editing comment. The jumps felt sudden. You could maybe try to polish up your j-cuts if that's a style you want to continue with.
Mostly just lazy editing because I didn't have time to re-shoot segments
will C++ work instead of C for this
Malwaretech asmr. Here for it.
LOOL IT'S ASMR
coool
Salut Marcus comment as tu acquéri les connaissances en informatique étant si jeune
bro i like you...
When you say learn “C” do you mean C++ or C# or both? (this is a noob asking a noob question)
Neither, just pure C.
Man, i like your manner of speaking. It's quiet and to the point.
Personally, the videos where the host starts with a loud voice and acts very excited tires me out.
I guess I'm not a dog person - more of a cat person.
Hey marcus I am vinnie 😂
This video has some tips that could be helpful even if you're not a complete beginner. The baby face and your voice does make it seem like you're trying not to wake up your parents though LOL
For some reason the lavalier mic makes it sound like I'm whispering, probably need to try something else.
@@MalwareTechBlog It might help if you really try projecting your voice. But yeah another mic would probably help.
@@MalwareTechBlog Instead of buying a new mic, I would suggest you to try the Air plugin from slate digital virtual mix rack. It helped me a lot when editing the audio for an interview video recorded with poor mic placement. It makes your voice sound more like it was projected into the mic. Hope it helps
Is this ASMR? Get a little closer to the mic
yes
Jokes aside, thanks for the background! This is pretty helpful
Sigh second
First
adopt me
???
Wait isn’t this the WannaCry kid??
The one who stopped it
Are you the legend around my.doom?
very good video. why don't you teach on youtube and earn money on youtube and patreon? you could earn more, you know? or go to ciso. hacking is not a job but a way of life. you could be a ciso or a ceo and have and use those skills outside of the main job. 🌍🌎🌏 hack the planet. love your videos
Two thumbs up on taking advantage of multiple learning methods. Sometimes I like to watch a lecture or someone do something, other times I like to read in documentation at cppreference.com. Other times I watch hardware hacker projects like Ben Eater does to get the idea of how memory and cpu interact. Then it really comes together when I write a little tool to do something or figure out how to modify an existing tool.