{"id":29112791,"url":"https://github.com/atomjay/reverse_analysis","last_synced_at":"2026-04-21T10:06:04.293Z","repository":{"id":301861860,"uuid":"1010511574","full_name":"atomjay/reverse_analysis","owner":"atomjay","description":"學習逆向工程技術,涵蓋靜態/動態分析以及加殼、混淆和加密等進階二進位保護","archived":false,"fork":false,"pushed_at":"2025-06-29T08:26:02.000Z","size":157,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-17T19:51:30.279Z","etag":null,"topics":["assembly","binary-analysis","disassembly","dynamic-analysis","malware-analysis","obfuscation","packing","reverse-engineering","static-analysis","unpacking"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/atomjay.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-29T08:20:33.000Z","updated_at":"2025-06-29T08:30:00.000Z","dependencies_parsed_at":"2025-06-29T09:31:09.241Z","dependency_job_id":"5ea38bb8-62b3-4bff-9852-140fb4ae57e2","html_url":"https://github.com/atomjay/reverse_analysis","commit_stats":null,"previous_names":["atomjay/reverse_analysis"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/atomjay/reverse_analysis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomjay%2Freverse_analysis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomjay%2Freverse_analysis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomjay%2Freverse_analysis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomjay%2Freverse_analysis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/atomjay","download_url":"https://codeload.github.com/atomjay/reverse_analysis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomjay%2Freverse_analysis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32086822,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-21T06:27:27.065Z","status":"ssl_error","status_checked_at":"2026-04-21T06:27:21.250Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembly","binary-analysis","disassembly","dynamic-analysis","malware-analysis","obfuscation","packing","reverse-engineering","static-analysis","unpacking"],"created_at":"2025-06-29T11:04:39.843Z","updated_at":"2026-04-21T10:06:04.270Z","avatar_url":"https://github.com/atomjay.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 逆向工程學習專案 (Reverse Engineering Learning Projects)\n\n這是一個旨在系統學習逆向工程技術的專案儲存庫。它包含一系列循序漸進的實作專案,涵蓋了從基礎靜態/動態分析到複雜二進位保護(如加殼、混淆、加密打包和符號移除)的逆向工程方法。\n\n## 專案目標\n\n* **掌握逆向工程工具:** 熟悉並運用 `clang`, `uv`, `frida`, `r2`, `lldb`, `IDA Pro`, `Hopper`, `upx`, `openssl`, `strip` 等工具。\n* **理解二進位保護機制:** 深入了解程式碼混淆、加殼、加密打包和符號移除等技術的原理及其對逆向工程的影響。\n* **學習逆向分析策略:** 掌握針對不同保護技術的靜態分析、動態偵錯和去混淆/解包策略。\n* **實作與驗證:** 透過實際操作,驗證逆向分析的結果,並重現原始程式邏輯。\n\n## 專案結構\n\n```\nreverse_analysis/\n├── GEMINI.md # 專案總覽與進度追蹤\n├── RE_TOOLS_GUIDE.md # macOS 逆向工程工具指南\n└── projects/\n ├── 01_secret_password/ # 專案一:破解「神秘密碼」\n ├── 02_magic_spell/ # 專案二:破解「魔法咒語」\n ├── 03_hidden_message/ # 專案三:破解「隱藏的訊息」\n ├── 04_license_key/ # 專案四:破解「授權金鑰」\n ├── 05_obfuscated_algo/ # 專案五:破解「混淆的演算法」\n └── 06_packing_unpacking/ # 專案六:破解「打包與解包」\n ├── 01_upx_packing/ # UPX 加殼與解殼\n ├── 02_code_obfuscation/ # 程式碼混淆與去混淆\n ├── 03_custom_encryption_packing/ # 自定義加密打包與解密\n ├── 04_symbol_stripping/ # 符號移除與逆向\n └── 05_combined_protections/ # 綜合保護與逆向\n```\n\n## 已完成專案\n\n### 專案一:破解「神秘密碼」\n* **目標:** 找出 Python 腳本中硬編碼的密碼。\n* **學習點:** 靜態字串分析的有效性,以及當一種方法受阻時靈活變通的重要性。\n\n### 專案二:破解「魔法咒語」\n* **目標:** 逆向分析一個 C 程式中的數學演算法。\n* **學習點:** 靜態分析工具 (如 Ghidra/IDA Pro/Hopper) 在理解程式邏輯和演算法方面的強大能力。\n\n### 專案三:破解「隱藏的訊息」\n* **目標:** 找出一個 C 程式中 XOR 混淆的訊息及其金鑰。\n* **學習點:** Radare2 在 CLI 環境下進行靜態分析的能力,以及精確數據提取的重要性。\n\n### 專案四:破解「授權金鑰」\n* **目標:** 逆向分析一個 C 程式中動態生成的授權金鑰演算法。\n* **學習點:** 動態偵錯 (LLDB) 在理解程式運行時行為和複雜演算法方面的不可替代性。\n\n### 專案五:破解「混淆的演算法」\n* **目標:** 逆向分析一個包含經過混淆處理的演算法的程式,揭示其真實邏輯。\n* **學習點:** 結合靜態分析和動態驗證來理解混淆演算法。\n\n### 專案六:破解「打包與解包」\n* **目標:** 深入理解常見的二進位保護技術,並學習如何針對這些保護進行逆向工程。\n* **子模組:**\n * **UPX 加殼與解殼:** 探索 UPX 在 macOS 上的行為、其帶來的挑戰,以及靜態/動態分析的局限性。\n * **程式碼混淆與去混淆:** 學習編譯器優化對混淆的影響,並透過靜態分析去混淆程式碼邏輯。\n * **自定義加密打包與解密:** 掌握從分析解密存根、提取關鍵信息到手動解密和驗證的完整逆向分析流程。\n * **符號移除與逆向:** 學習在缺乏符號信息的情況下,透過字串交叉引用和程式碼邏輯分析來識別函數功能。\n * **綜合保護與逆向:** 應用層次化逆向策略,逐步剝離多層保護,並綜合運用各種工具進行分析。\n\n## 如何開始\n\n1. **克隆儲存庫:**\n ```bash\n git clone https://github.com/atomjay/reverse_analysis.git\n cd reverse_analysis\n ```\n2. **參考 `GEMINI.md`:** 該文件提供了詳細的專案進度、指導原則和每個專案的連結。\n3. **參考 `RE_TOOLS_GUIDE.md`:** 該文件提供了 macOS 環境下逆向工程工具的安裝與基本使用方法。\n\n## 貢獻\n\n歡迎對本專案提出建議或貢獻。如果您有任何問題或想法,請隨時提出 Issue 或 Pull Request。\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatomjay%2Freverse_analysis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fatomjay%2Freverse_analysis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatomjay%2Freverse_analysis/lists"}