{"id":47819133,"url":"https://github.com/solomonkassa/assembly-reverse-engineering","last_synced_at":"2026-04-03T19:01:43.157Z","repository":{"id":334239242,"uuid":"1140641884","full_name":"Solomonkassa/assembly-reverse-engineering","owner":"Solomonkassa","description":"Assembly Reverse Engineering Mastery 🔍 A comprehensive collection of assembly language resources, tools, and challenges for reverse engineering and binary analysis. From beginner to advanced levels, this repository provides hands-on experience with real-world reverse engineering scenarios across multiple architectures.","archived":false,"fork":false,"pushed_at":"2026-01-23T16:08:33.000Z","size":125,"stargazers_count":4,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2026-01-24T06:31:11.127Z","etag":null,"topics":["assembly","c","docker","documentation","ethical-hacking","ethical-hacking-tools","makefile","python","reverse-engineering","shell"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Solomonkassa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-23T15:06:18.000Z","updated_at":"2026-01-23T22:21:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Solomonkassa/assembly-reverse-engineering","commit_stats":null,"previous_names":["solomonkassa/assembly-reverse-engineering"],"tags_count":null,"template":false
,"template_full_name":null,"purl":"pkg:github/Solomonkassa/assembly-reverse-engineering","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Solomonkassa%2Fassembly-reverse-engineering","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Solomonkassa%2Fassembly-reverse-engineering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Solomonkassa%2Fassembly-reverse-engineering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Solomonkassa%2Fassembly-reverse-engineering/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Solomonkassa","download_url":"https://codeload.github.com/Solomonkassa/assembly-reverse-engineering/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Solomonkassa%2Fassembly-reverse-engineering/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31371636,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-03T17:53:18.093Z","status":"ssl_error","status_checked_at":"2026-04-03T17:53:17.617Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while 
reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembly","c","docker","documentation","ethical-hacking","ethical-hacking-tools","makefile","python","reverse-engineering","shell"],"created_at":"2026-04-03T19:01:32.294Z","updated_at":"2026-04-03T19:01:43.082Z","avatar_url":"https://github.com/Solomonkassa.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n\n# Assembly Reverse Engineering Mastery\n\n## Repository Structure\n\n```\nassembly-reverse-engineering/\n├── README.md\n├── LICENSE\n├── .github/\n│   └── workflows/\n│       └── ci.yml\n├── src/\n│   ├── x86_64/\n│   │   ├── basics/\n│   │   ├── advanced/\n│   │   ├── anti-debug/\n│   │   └── malware-analysis/\n│   ├── arm/\n│   │   ├── arm32/\n│   │   └── arm64/\n│   ├── mips/\n│   └── shellcode/\n├── examples/\n│   ├── crackmes/\n│   ├── keygenners/\n│   ├── packers/\n│   └── unpackers/\n├── tools/\n│   ├── disassemblers/\n│   ├── debuggers/\n│   └── custom-scripts/\n├── challenges/\n│   ├── beginner/\n│   ├── intermediate/\n│   └── advanced/\n├── docs/\n│   ├── cheat-sheets/\n│   ├── tutorials/\n│   └── references/\n└── scripts/\n    ├── build.sh\n    ├── test.sh\n    └── analyze.sh\n```\n\n## README.md Template\n\n```markdown\n# 🛡️ Assembly Reverse Engineering Mastery\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![GitHub 
stars](https://img.shields.io/github/stars/yourusername/assembly-reverse-engineering.svg)](https://github.com/yourusername/assembly-reverse-engineering/stargazers)\n[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](http://makeapullrequest.com)\n\nA comprehensive collection of assembly language resources, tools, and challenges for reverse engineering and binary analysis.\n\n## 🔥 Features\n\n- **Multi-architecture Support**: x86/x64, ARM, MIPS, PowerPC\n- **Real-world Examples**: Malware samples, packed executables, anti-debug techniques\n- **Hands-on Challenges**: Crackmes, keygenners, and reversing challenges\n- **Production Tools**: Custom disassemblers, debugger scripts, analysis frameworks\n- **Educational Content**: From basics to advanced exploitation techniques\n\n## 🚀 Quick Start\n\n```bash\n# Clone the repository\ngit clone https://github.com/solomonkassa/assembly-reverse-engineering.git\ncd assembly-reverse-engineering\n\n# Setup environment\n./scripts/setup.sh\n\n# Build examples\n./scripts/build.sh\n```\n\n## 📚 Architecture Modules\n\n### x86/x64\n- Basic to advanced instruction sets\n- System calls and calling conventions\n- Shellcode development\n- Anti-analysis techniques\n\n### ARM\n- ARM32 and ARM64 architectures\n- Thumb/ARM mode switching\n- iOS/Android binary analysis\n- Embedded systems reversing\n\n### MIPS/PowerPC\n- Router/embedded device firmware\n- Game console reversing\n- Network device analysis\n\n## 🛠️ Tools Included\n\n### Custom Disassemblers\n```python\n# Example: Capstone-based disassembler\nfrom capstone import *\nimport struct\n\nclass AdvancedDisassembler:\n    def __init__(self, arch=CS_ARCH_X86, mode=CS_MODE_64):\n        self.md = Cs(arch, mode)\n        self.md.detail = True\n        \n    def analyze_function(self, binary, address):\n        # Advanced function analysis\n        pass\n```\n\n### Debugger Scripts\n- GDB/PEDA enhancements\n- WinDbg scripts for Windows reversing\n- Radare2 automation 
scripts\n- Frida hooks for dynamic analysis\n\n### Analysis Frameworks\n- Binary similarity detection\n- Vulnerability pattern matching\n- Code emulation sandbox\n\n## 🎯 Challenges\n\n### Beginner Level\n1. **Simple Crackme** - Basic string comparison\n2. **License Validator** - Serial number generation\n3. **Simple Packer** - XOR-based encryption\n\n### Intermediate Level\n1. **Anti-Debug Bypass** - Ptrace detection evasion\n2. **Obfuscated Code** - Control flow flattening\n3. **Custom Crypto** - Roll-your-own encryption\n\n### Advanced Level\n1. **VM Protected Binary** - Virtual machine analysis\n2. **Kernel Driver** - Ring-0 code analysis\n3. **APT Malware** - Real-world threat analysis\n\n## 📖 Documentation\n\n- [Getting Started](docs/GETTING_STARTED.md)\n- [Assembly Cheat Sheets](docs/cheat-sheets/)\n- [Tool Usage Guides](docs/tutorials/)\n- [Research Papers](docs/references/)\n\n## 🔬 Example: Analyzing Shellcode\n\n```assembly\n; Position-independent shellcode example\nsection .text\nglobal _start\n\n_start:\n    ; Linux x64 execve(\"/bin//sh\", argv, NULL) with argv = {\"/bin//sh\", NULL}\n    xor     rdx, rdx        ; NULL envp\n    push    rdx             ; NULL terminate\n    mov     rbx, '/bin//sh' ; 8 bytes\n    push    rbx\n    mov     rdi, rsp        ; ptr to \"/bin//sh\"\n    push    rdx             ; NULL argv[1]\n    push    rdi             ; argv[0] = \"/bin//sh\"\n    mov     rsi, rsp        ; ptr to argv\n    xor     rax, rax\n    mov     al, 59          ; syscall execve\n    syscall\n```\n\n## 🧪 Testing Framework\n\n```python\nimport pytest\nfrom capstone import CS_ARCH_X86, CS_MODE_64\nfrom src.tools.disassembler import Disassembler\n\nclass TestDisassembler:\n    def test_x86_disassembly(self):\n        code = b\"\\x55\\x48\\x89\\xe5\"  # push rbp; mov rbp, rsp\n        disasm = Disassembler(CS_ARCH_X86, CS_MODE_64)\n        result = disasm.disassemble(code, 0x1000)\n        assert len(result) == 2\n        \n    def test_shellcode_analysis(self):\n        # Test shellcode detection\n        pass\n```\n\n## 🤝 
Contributing\n\nWe welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n1. Fork the repository\n2. Create a feature branch\n3. Add tests for new functionality\n4. Submit a pull request\n\n## 📝 License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## ⭐ Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=yourusername/assembly-reverse-engineering\u0026type=Date)](https://star-history.com/#yourusername/assembly-reverse-engineering)\n\n## 🙏 Acknowledgments\n\n- [Capstone Engine](http://www.capstone-engine.org/)\n- [Radare2](https://rada.re/n/)\n- [Ghidra](https://ghidra-sre.org/)\n- All security researchers and reversers\n\n---\n\n**Disclaimer**: This repository is for educational purposes only. Only analyze binaries you own or have permission to analyze.\n```\n\n## Key Files to Include\n\n### 1. **CONTRIBUTING.md**\n```markdown\n# Contributing Guidelines\n\n## Adding New Challenges\n1. Include both binary and source code\n2. Provide solution write-up\n3. Add difficulty rating\n4. Include hints\n\n## Code Standards\n- Use NASM syntax for x86\n- Use GCC inline assembly for modern examples\n- Comment complex assembly instructions\n- Include build scripts\n```\n\n### 2. 
**src/tools/advanced_disassembler.py**\n```python\n#!/usr/bin/env python3\n\"\"\"\nAdvanced Multi-Architecture Disassembler\n\"\"\"\n\nfrom capstone import *\nfrom capstone.x86 import *\nimport argparse\nimport struct\nimport pefile\nimport elftools\n\nclass ReverseEngineeringToolkit:\n    def __init__(self):\n        self.architectures = {\n            'x86': (CS_ARCH_X86, CS_MODE_32),\n            'x64': (CS_ARCH_X86, CS_MODE_64),\n            'arm': (CS_ARCH_ARM, CS_MODE_ARM),\n            'arm64': (CS_ARCH_ARM64, CS_MODE_ARM),\n            'mips': (CS_ARCH_MIPS, CS_MODE_MIPS32)\n        }\n        \n    def analyze_binary(self, filepath):\n        \"\"\"Complete binary analysis with multiple techniques\"\"\"\n        analysis = {\n            'sections': [],\n            'imports': [],\n            'exports': [],\n            'functions': [],\n            'strings': [],\n            'potential_shellcode': []\n        }\n        \n        # Add analysis logic here\n        return analysis\n    \n    def find_shellcode_patterns(self, code):\n        \"\"\"Detect common shellcode patterns\"\"\"\n        patterns = {\n            'execve': [\n                b'\\x31\\xc0\\x50\\x68\\x2f\\x2f\\x73\\x68',  # xor eax, eax; push eax; etc.\n                b'\\x48\\x31\\xd2\\x48\\xbb\\x2f\\x2f\\x62'   # x64 execve\n            ],\n            'bind_shell': [\n                b'\\x31\\xc0\\x31\\xdb\\x31\\xc9\\x31\\xd2'   # socket creation\n            ]\n        }\n        \n        for name, pattern_list in patterns.items():\n            for pattern in pattern_list:\n                if pattern in code:\n                    return name\n        return None\n```\n\n### 3. **examples/crackmes/level1/solution.md**\n```markdown\n# Level 1 Crackme Solution\n\n## Binary Analysis\n- Architecture: x64 ELF\n- Protections: None\n- Difficulty: Easy\n\n## Reversing Process\n1. Strings analysis reveals \"Password: \" and \"Access Granted\"\n2. 
IDA Pro/Ghidra shows simple strcmp at 0x401234\n3. Password is stored at 0x402000\n\n## Key Points\n```assembly\n; Main validation routine\nlea     rdi, [rip+password]  ; Load password\ncall    _strcmp\ntest    eax, eax\njz      access_granted\n```\n\n## Password: `MyFirstCrackme123!`\n```\n\n### 4. **scripts/setup.sh**\n```bash\n#!/bin/bash\n# Setup script for reverse engineering environment\n\necho \"Setting up Assembly Reverse Engineering Environment...\"\n\n# Install dependencies\nsudo apt-get update\nsudo apt-get install -y \\\n    nasm \\\n    gcc \\\n    gdb \\\n    radare2 \\\n    binutils \\\n    build-essential \\\n    python3 \\\n    python3-pip\n\n# Install Python packages\npip3 install capstone keystone-engine unicorn ropper angr\n\n# Install optional tools\nsudo apt-get install -y \\\n    ltrace \\\n    strace \\\n    checksec \\\n    seccomp-tools\n\necho \"Environment setup complete!\"\n```\n\n### 5. **docs/cheat-sheets/x64.md**\n```markdown\n# x64 Assembly Cheat Sheet\n\n## Registers\n- RAX, RBX, RCX, RDX - General purpose\n- RSI, RDI - Source/Destination index\n- RBP, RSP - Base/Stack pointers\n- RIP - Instruction pointer\n- R8-R15 - Additional general purpose\n\n## Common Instructions\n```\nmov rax, rbx        ; Move\nadd rax, 0x10       ; Add\nsub rsp, 0x20       ; Subtract\ncmp rax, rbx        ; Compare\njz label            ; Jump if zero\ncall function       ; Call function\nret                 ; Return\nsyscall             ; System call\n```\n\n## System Calls (Linux x64)\n- 0 - read\n- 1 - write\n- 2 - open\n- 59 - execve\n- 60 - exit\n```\n\n## Advanced Features to Implement\n\n### 1. 
**Automated Analysis Pipeline**\n```python\nclass AutomatedAnalyzer:\n    def __init__(self):\n        self.analyzers = [\n            StringsAnalyzer(),\n            FunctionAnalyzer(),\n            CFGAnalyzer(),\n            VulnerabilityScanner()\n        ]\n    \n    def full_analysis(self, binary):\n        results = {}\n        for analyzer in self.analyzers:\n            results.update(analyzer.analyze(binary))\n        return self.generate_report(results)\n```\n\n### 2. **CTF Challenge Generator**\n```python\nclass ChallengeGenerator:\n    def generate_crackme(self, difficulty):\n        template = self.load_template(difficulty)\n        obfuscation = self.apply_obfuscation(template)\n        return self.compile_challenge(obfuscation)\n```\n\n### 3. **Shellcode Encoder/Decoder**\n```python\nimport random\n\nclass ShellcodeEngine:\n    def encode(self, shellcode, encoder_type=\"xor\"):\n        if encoder_type == \"xor\":\n            key = random.randint(1, 255)\n            encoded = bytes([b ^ key for b in shellcode])\n            decoder = self.generate_xor_decoder(key)\n            return decoder + encoded\n```\n\n## GitHub Actions Workflow (.github/workflows/ci.yml)\n```yaml\nname: CI/CD Pipeline\n\non: [push, pull_request]\n\njobs:\n  build-and-test:\n    runs-on: ubuntu-latest\n    \n    steps:\n    - uses: actions/checkout@v2\n    \n    - name: Setup environment\n      run: ./scripts/setup.sh\n    \n    - name: Build examples\n      run: ./scripts/build.sh\n    \n    - name: Run tests\n      run: ./scripts/test.sh\n    \n    - name: Security scan\n      run: |\n        checksec ./examples/crackmes/*.elf\n        strings ./examples/crackmes/*.elf | grep -i \"password\\|key\\|secret\"\n```\n\n## Repository Features to Highlight\n\n1. **Comprehensive Documentation**: From basics to advanced topics\n2. **Real-world Examples**: Actual malware samples (anonymized)\n3. **Interactive Learning**: Jupyter notebooks with assembly\n4. 
**Community Challenges**: Regularly updated CTF-style challenges\n5. **Tool Development**: Learn by building your own RE tools\n6. **Multi-Platform**: Windows, Linux, macOS, embedded systems\n7. **Modern Techniques**: Anti-RE, virtualization, obfuscation\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsolomonkassa%2Fassembly-reverse-engineering","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsolomonkassa%2Fassembly-reverse-engineering","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsolomonkassa%2Fassembly-reverse-engineering/lists"}