{"id":13809124,"url":"https://github.com/HACKE-RC/awesome-reversing","last_synced_at":"2025-05-14T05:33:13.603Z","repository":{"id":134317382,"uuid":"583841350","full_name":"HACKE-RC/awesome-reversing","owner":"HACKE-RC","description":"A collection of resources to learn Reverse Engineering from start!","archived":false,"fork":false,"pushed_at":"2025-03-18T15:55:13.000Z","size":59,"stargazers_count":1239,"open_issues_count":1,"forks_count":96,"subscribers_count":17,"default_branch":"main","last_synced_at":"2025-05-09T00:15:19.537Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HACKE-RC.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"HACKE-RC","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":"coderrc","custom":null}},"created_at":"2022-12-31T05:45:57.000Z","updated_at":"2025-05-05T13:59:36.000Z","dependencies_parsed_at":"2024-02-20T18:52:35.750Z","dependency_job_id":"4e3d3e96-9c02-4bd0-a150-15deec94e6cf","html_url":"https://github.com/HACKE-RC/awesome-reversing","commit_stats":null,"previous_names":["hacke-rc/awesome-reversing"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HACKE-RC%2Fawesome-reversing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HACKE-RC%2Fawesome-reversing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HACKE-RC%2Fawesome-reversing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HACKE-RC%2Fawesome-reversing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HACKE-RC","download_url":"https://codeload.github.com/HACKE-RC/awesome-reversing/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253592884,"owners_count":21932898,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T01:02:02.625Z","updated_at":"2025-05-14T05:33:13.570Z","avatar_url":"https://github.com/HACKE-RC.png","language":null,"funding_links":["https://github.com/sponsors/HACKE-RC","https://buymeacoffee.com/coderrc"],"categories":["Others","Other Lists","Awesome Repositories"],"sub_categories":["TeX Lists"],"readme":"# Reverse Engineering Resources ⚡\nHighest quality resources to learn Reverse Engineering from start to end!\n\n[Roadmap](https://wiki.bi0s.in/reversing/roadmap)\n\n# Table of contents\n- [Assembly](#assembly)\n  * [Linux specific](#linux-specific)\n  * [Windows specific](#windows-specific)\n  * [Miscellaneous](#miscellaneous)\n- [Operating System Internals](#operating-system-internals)\n- [Assembly Projects](#assembly-projects)\n- [Getting started](#getting-started)\n- [Getting your hands dirty](#getting-your-hands-dirty)\n- [Deobfuscation](#deobfuscation)\n- [Anti-debug and Anti-analysis](#anti-debug-and-anti-analysis)\n- [Anti-analysis](#anti-analysis)\n- [C++ Reversing](#c-reversing)\n- [Great blogs on Windows Internals](#great-blogs-on-windows-internals)\n- [Others](#others)\n- [Symbolic Execution](#symbolic-execution)\n\n## Assembly\nMy personal favourite assembly resource is the Chapter 3 in the [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu) book, but if you're not into books, you can check the following resources:\n\n### Linux specific\n\n- [Assembly Tutorial](https://asmtutor.com/)\n- [Art of Assembly](https://www.plantation-productions.com/Webster/www.artofasm.com/Linux/index.html)\n\n### Windows specific\n\n- [https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html](https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html)\n- [Assembly tutorial](https://sonictk.github.io/asm_tutorial/)\n\n### Miscellaneous\n- [Learn how CPUs work](https://cpu.land)\n- [https://www.felixcloutier.com/x86/index.html](https://www.felixcloutier.com/x86/index.html)\n- [https://cs.lmu.edu/~ray/notes/x86assembly/](https://cs.lmu.edu/~ray/notes/x86assembly/)\n- [https://godbolt.org](https://godbolt.org/)\n- [https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about)\n\n## Assembly Projects\n\nAfter learning assembly, you can try some projects like making a bootloader or a whole simple Operating System.\nI have wrote a blog on this topic, [here](https://de-engineer.github.io/Understanding-booting-process-and-writing-own-os/).\n- [http://brokenthorn.com/Resources/OSDev1.html](http://brokenthorn.com/Resources/OSDev1.html)\n- [https://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf](ttps://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf)\n- [https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf](https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf)\n- [Learn x86-64 assembly by writing a GUI from scratch](https://gaultier.github.io/blog/x11_x64.html)\n\n\n## Operating System Internals\nIf you want to read books to learn OS then you can go in this order:\n1. The Elements of Computer Science (TECS) \u0026 [Nand2Tetris (Lectures)](https://www.coursera.org/learn/build-a-computer)\n2. [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu) \u0026 [Lectures](https://scs.hosted.panopto.com/Panopto/Pages/Sessions/List.aspx#folderID=%22b96d90ae-9871-4fae-91e2-b1627b43e25e%22)\n3. Operating Systems: Three Easy Pieces \u0026 [Lectures](https://www.youtube.com/watch?v=DcBa3dBBOtM\u0026list=PLRJWiLCmxyxi2RCPVYfewxJIWJzc_colw)\n\n\nIf you are not into books, you can check the following resources:    \n- [https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x](https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x)\n- [https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh](https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh)\n- [https://pages.cs.wisc.edu/~remzi/OSTEP/](https://pages.cs.wisc.edu/~remzi/OSTEP/)\n- [Operating Systems Course (Recommended)](https://www.youtube.com/playlist?list=PLunILarQwxnl0SZ2zsgyVjU9NDD_Rn-re)\n## Getting started\n- [Free crackmes](https://crackmy.app)\n- [Roadmap for RE](https://wiki.bi0s.in/reversing/roadmap)\n- [COMPSCI 390R - Reverse Engineering \u0026 Vulnerability Analysis](https://pwn.umasscybersec.org/lectures/index.html)\n- [https://www.begin.re](https://www.begin.re/)\n- [https://artik.blue/reversing](https://artik.blue/reversing)\n- [https://legend.octopuslabs.io/sample-page.html](https://legend.octopuslabs.io/sample-page.html)\n- [https://www.youtube.com/watch?v=mDyQBM-_T1g](https://www.youtube.com/watch?v=mDyQBM-_T1g)\n- [https://www.youtube.com/watch?v=gPsYkV7-yJk](https://www.youtube.com/watch?v=gPsYkV7-yJk)\n- [https://www.youtube.com/watch?v=d4Pgi5XML8E](https://www.youtube.com/watch?v=d4Pgi5XML8E)\n- [https://www.youtube.com/watch?v=9vKG8-TnawY](https://www.youtube.com/watch?v=9vKG8-TnawY) (Recommended)\n\n## Getting your hands dirty\n\n- [https://crackmes.one](https://crackmes.one/)\n- [http://reversing.kr/challenge.php](http://reversing.kr/challenge.php)\n- [https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme](https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme)\n- [http://reversing.kr/challenge.php](http://reversing.kr/challenge.php)\n- [https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027](https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027)\n- [Youtube playlist on Malware Analysis](https://www.youtube.com/watch?v=n06QSoICU6c\u0026list=PLt9cUwGw6CYG2DSfjXEE3GotkQDa5b-6s)\n- [Binary Analysis Free Course](https://maxkersten.nl/binary-analysis-course/)\n\n## Deobfuscation\n\n- [https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques](https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques)\n- [https://www.youtube.com/watch?v=bEsQ8UYioU4](https://www.youtube.com/watch?v=bEsQ8UYioU4)\n- [https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847](https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847)\n- [https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf](https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf)\n- [https://www.varonis.com/blog/x64dbg-unpack-malware](https://www.varonis.com/blog/x64dbg-unpack-malware)\n- [https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/](https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/)\n- [https://www.youtube.com/watch?v=EdchPEHnohw](https://www.youtube.com/watch?v=EdchPEHnohw)\n- [https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_](https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_)\n\n## Anti-debug and Anti-analysis\n\n- [https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf](https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf)\n- [https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf](https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf)\n- [https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf](https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf)\n- [https://anti-debug.checkpoint.com/](https://anti-debug.checkpoint.com/)\n- [https://www.youtube.com/watch?v=WlE8abc8V-4\u0026feature=emb_title](https://www.youtube.com/watch?v=WlE8abc8V-4\u0026feature=emb_title)\n\n## Anti-analysis\n\n- [https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts](https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts)\n- [https://www.oic-cert.org/en/download/Anti-Analysis techniques (OIC Talk).pdf](https://www.oic-cert.org/en/download/Anti-Analysis%20techniques%20(OIC%20Talk).pdf)\n- [https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/](https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/)\n- [https://www.youtube.com/watch?v=5NO-W3SVjak\u0026feature=emb_title](https://www.youtube.com/watch?v=5NO-W3SVjak\u0026feature=emb_title)\n\n## C++ Reversing\n- [Reversing C++ Virtual Functions](https://alschwalm.com/blog/static/2016/12/17/reversing-c-virtual-functions/)\n- [Reversing C++](https://www.blackhat.com/presentations/bh-dc-07/Sabanal_Yason/Paper/bh-dc-07-Sabanal_Yason-WP.pdf)\n\n## Windows Research\n\nIf you want to get into Windows Research, then you need to learn Windows Internals.\n\n- [My blog on Windows Internals](https://de-engineer.github.io)\n- [Book on Windows Internals published by MS. Use it like a reference to learn about specific topics when needed](https://learn.microsoft.com/en-us/sysinternals/resources/windows-internals)\n- [Has the best video courses](https://www.pluralsight.com/authors/pavel-yosifovich)\n- [Windows Process Internals](https://www.youtube.com/watch?v=4AkzIbmI3q4\u0026feature=emb_title)\n- [Windows Internals Overview](https://samsclass.info/140/lec/Excerpted-PRE07_Solomon.pdf)\n- [Intro to Windows Internals](https://vimeo.com/49347561)\n- [Win32 programming with code examples](https://installsetupconfig.com/win32programming)\n- [Notes for Windows API programming](https://caiorss.github.io/C-Cpp-Notes/WindowsAPI-cpp.html)\n- [Windows undocumented functions documentation](http://undoc.airesoft.co.uk)\n- [Windows undocumented stuff's documentation](https://geoffchappell.com/index.htm)\n- [Windows Internals Book 7th edition Tools](https://github.com/zodiacon/windowsinternals)\n- [Full source code of ReactOS (open-source reimplementation of Windows)](https://doxygen.reactos.org/index.html)\n- [Explanation of key data structures used by device drivers, kernel, and HAL](https://codemachine.com/articles/kernel_structures.html)\n- [Take a look at more than 6000 Windows Undocumented structures](https://www.vergiliusproject.com/)\n- [Resources For Advanced Windows Development](https://pastebin.com/NXxrYHp8)\n- [Understanding the EPROCESS data structure](https://info-savvy.com/understanding-eprocess-structure/)\n- [The NT Handle Table](https://www.cs.miami.edu/home/burt/journal/NT/handle_table.html)\n- [Anatomy of the thread suspension mechanism in Windows.](https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/)\n- [Automatically generated diff of Windows structures](http://terminus.rewolf.pl/terminus/)\n- [Thread Scheduling Windows](https://www.i.u-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/03-ThreadScheduling/ThreadScheduling.pdf) \n- [Kernel Callback Functions](https://codemachine.com/articles/kernel_callback_functions.html)\n- [Decompilation of NT API functions](http://likeagod.revers.engineering)\n\n## Great blogs on Windows Internals\n\n- [https://secret.club](https://secret.club/)\n- [wumb0.in](https://t.co/TQttGxnkVF)\n- [voidsec.com](https://t.co/Rz220SAwbt)\n- [https://poppopret.blogspot.com/?m=1](https://poppopret.blogspot.com/?m=1)\n- [https://www.ragestorm.net/blogs/?cat=13](https://www.ragestorm.net/blogs/?cat=13)\n- [https://www.x86matthew.com](https://www.x86matthew.com/)\n- [https://www.tiraniddo.dev](https://www.tiraniddo.dev/)\n- [https://googleprojectzero.blogspot.com](https://googleprojectzero.blogspot.com/)\n\n## Others\n- [GuidedHacking](https://guidedhacking.com)\n- [Compiler Optimizations for Reverse Engineers.](https://www.msreverseengineering.com/blog/2014/6/23/compiler-optimizations-for-reverse-engineers)\n- [Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64.](https://versprite.com/blog/security-research/reverse-engineering-undocumented-structures/)\n- [Methodology for Static Reverse Engineering of Windows Kernel Drivers.](https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83)\n- [What I Have Learned from Reverse Engineering Windows Containers.](https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/)\n- [A Syscall Journey in the Windows Kernel.](https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/)\n- [Reversing with HyperDbg (Dbg3301) - OpenSecurityTraining](https://www.youtube.com/playlist?list=PLUFkSN0XLZ-kF1f143wlw8ujlH2A45nZY)\n\n## Symbolic Execution\n- [Introduction to SMT Solvers - an overview of z3](https://de-engineer.github.io/SMT-Solvers/)\n- [Video lecture on Symbolic Execution by MIT](https://www.youtube.com/watch?v=yRVZPvHYHzw)\n- [Video lectures on Symbolic Execution](https://pwn.umasscybersec.org/lectures/index.html)\n- [Youtube video covering the basics of z3](https://www.youtube.com/watch?v=kZd1Hi0ZBYc)\n- [Learn z3](https://github.com/ViRb3/z3-python-ctf)\n- [Course on Symbolic Analysis](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+RE3201_symexec+2021_V1/course)\n- https://sat-smt.codes/SAT_SMT_by_example.pdf\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHACKE-RC%2Fawesome-reversing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FHACKE-RC%2Fawesome-reversing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHACKE-RC%2Fawesome-reversing/lists"}