Download to read offline
Uploaded byJannis Kirschner
Windows Userland Reverse Engineering [SHC19]
The document outlines a basic course on Windows userland reverse engineering, covering methodologies, tools, and techniques. It includes simplified explanations of Windows NT and IA32 architecture, as well as methods for detecting binary types and unpacking executables. Various tools are discussed, such as disassemblers, debuggers, and PE editors.
![Evil Admin Challenge [ECSC 2019]](https://cdn.slidesharecdn.com/ss_thumbnails/eviladminswitzerlandv1-191113122633-thumbnail.jpg?width=640&height=640&fit=bounds)
![Swiss Cybervoting Pit(falls) [BSidesZH 19]](https://cdn.slidesharecdn.com/ss_thumbnails/swisscybervotingpitfalls-191113123132-thumbnail.jpg?width=640&height=640&fit=bounds)
Windows Userland Reverse Engineering [SHC19]
- 1. Windows Userland Reverse Engineering(Basic Course) Methodology, Tools and Techniques © Jannis Kirschner ( @xorkiwi )
- 2.
- 3. Windows NT Architecture(Simplified)
- 4.
- 5.
- 7. Windows RE Methodology Save Hash/Name/Size/ Etc DetectBinary Type/Packer Use Disassembler for Purpose/Overview Debug Critical Parts Unpacking Remove Anti Reversing Tricks
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.