A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Books, videos, and examples.
Assembled by DC540.
USBQ is a Python-based programming framework for monitoring and modifying USB communications. Uses the kernel module from USBiquitous to implement the MITM part in the USB stack. Really does need an external device to actually sit in between the device and the system to sniff the data. Hmm.
This repository contains helpful resources to receive signals transmitted from an Arduino 433 MHz transmitter with an RTL-SDR receiver using GNU Radio.
The project consists of two parts. In the first part, we reverse-engineer the protocol. In the second part, we implement a real-time receiver.
Binary Viewer is a tool for binary file discovery using visualizations that may highlight patterns.
Seems like it'd be useful for finding REST APIs to reverse engineer.
A book that teaches the basics of reverse engineering software. CC-BY-SA. Has its own Git repo. Available in multiple languages.
Software for investigating unknown wireless protocols. Plug in an SDR and go. Helps you figure out how to demodulate signals, record and transmit signals, generate an overview, write or customize decoding routines to get a clearer picture, annotate and label the signals, fuzz devices (with a transmit-capable SDR), and run simulations of the protocols' state machines.
In the Arch Linux Community package collection.
An open source decompilation application that helps the user reverse engineer applications. Retargetable to different CPUs, so you can (say) reverse a SPARC binary on a PowerPC machine. Modular.
A cheat-sheet for reverse engineering malware, by Lenny Zeltser.
A disassembler for Windows. One of the best in the field, and v2.0 just went beta. It's shareware, though it doesn't appear to lack any functionality if you haven't purchased it yet.
A toolset for taking apart Android .apk files so that the binaries can be reverse engineered or modified.
Cuckoo is an isolated virtual machine that assists and partially automates the analysis and reverse engineering of malware. It can be used to analyze malware and its components for Windows, suspicious document files, and obfuscated or otherwise dodgy scripts. It can be used to trace API calls and capture network traffic for analysis. It is also designed for extensibility, so you can implement your own analysis and reverse engineering processes to add to the virtual machine. Has a GitHub repository.
FDBG is a code debugger for code running in user mode (ring 3) in long mode (i.e., 64-bit native mode) on AMD CPUs. Ports for Windows and Linux are available. Written entirely in assembly language, includes source code. Extremely small executable.
Upload a file to this site and it not only takes the file apart like a hex editor, but it also implements a number of different visualization techniques that translate the binary into visual pictures. The visual feedback is highly useful in the process of reverse engineering, because people's brains just weren't wired to read hex.
BinNavi is a tool for performing static and dynamic reverse engineering of executables for a number of platforms: x86, ARM, PowerPC, and MIPS. Can connect to remote debuggers on other systems to examine running code. Extensible with scripts, can annotate call flow graphs. The source is on GitHub: https://github.com/google/binnavi
This is a free ebook about using the debugger/hex editor Radare2. It teaches basic techniques for using Radare2 all the way up to reverse engineering 64-bit executables. Free to download.
A lot of manufacturers leave their schematics on the FCC's website.
Cuckoo is a system emulator written in Python for analyzing malware. It automates much of the process of reverse engineering malware samples, such as tracing execution, snapshotting memory, tracing API and function calls, and dumping network traffic. Generates reports at the end of execution. Modular design, so it's easily customizable.