Lista de recursos para aprender ingeniería inversa

Empezamos la semana con un recopilatorio de enlaces para aprender/repasar ingeniería inversa de Jackson Thuraisamy de Security Compass. Básicamente es una serie de recursos que su autor fue recopilando mientras estuvo aprendiendo a encontrar vulnerabilidades de corrupción de memoria en Windows. El resultado es una lista bastante actualizada y variada con vídeos, artículos, tutoriales, writeups, etc., que siempre conviene tener a mano para revisar. Aquí os la dejo:
  1. LiveOverflow Binary Hacking🌟💬
  2. OpenSecurityTraining.info: Introductory Intel x86🌟
  3. OpenSecurityTraining.info: Introduction to Reverse Engineering Software
  4. RPISEC: Modern Binary Exploitation🌟
  5. OpenSecurityTraining.info: The Life of Binaries
  6. OpenSecurityTraining.info: Reverse Engineering Malware
  7. RPISEC: Malware Analysis
  8. The C Programming Language (K&R)
  9. The GNU C Reference Manual
  10. Learn C the Hard Way
  11. Learn C in Y Minutes
  12. Practical Reverse Engineering🌟💬
  13. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software🌟💬
  14. Assembly Language Step-by-Step: Programming with Linux
  15. Wikibooks: x86 Disassembly
  16. A Bug Hunter's Diary🌟💬
  17. Reversing: Secrets of Reverse Engineering🌟💬
  18. The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  19. Windows Internals🌟
  20. Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
  21. Basic Dynamic Analysis with IDA Pro and WinDbg💬
  22. A Link to the Past: Abusing Symbolic Links on Windows
  23. Windows Kernel Graphics Driver Attack Surface
  24. bee13oy: Attacking Antivirus Software's Kernel Driver💬
  25. Direct X: Direct Way to Microsoft Windows Kernel
  26. A Window Into Ring 0
  27. Windows Drivers Attack Surface
  28. Malware Unicorn: Reverse Engineering Malware 101🌟
  29. HumbleSec: Assembly to Pseudocode Manually💬
  30. Mozilla: A Crash Course in Memory Management
  31. Corelan Team Exploit Writing
  32. Hacking the PS4: Userland ROP💬
  33. What is a "good" memory corruption vulnerability?🌟
  34. Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622
  35. The Stack Clash (Qualys Security Advisory)
  36. Windows Kernel Exploitation Part 3: Arb. Overwrite, NULL Ptr, Type Confusion And Int. Overflow Examples
  37. Windows Kernel Exploitation Part 4: Introduction to Windows Kernel Pool Exploitation
  38. hasherezade: Starting with Windows Kernel Exploitation
  39. Windows Kernel Exploitation Part 0: Kernel Debugging
  40. Windows Kernel Exploitation Part 1: Getting Started With The HackSysTeam Extremely Vulnerable Driver
  41. Windows Kernel Exploitation Part 2: My First Kernel Exploit
  42. A Brief Introduction To Using Z3 With Python
  43. FuzzySecurity Tutorials🌟💬
  44. phoenhex team write-ups🌟💬
  45. Project Zero Issue Tracker🌟💬
  46. Flare-On Challenge Solutions: 2015
  47. Flare-On Challenge Solutions: 2016
  48. Exploiting a Firefox UAF with Shared Array Buffers
  49. Analysis and Exploitation of an ESET Vulnerability
  50. Attacking the Windows NVIDIA Driver
  51. Smashing Flare-On #2 with Concolic Testing
  52. Windows Kernel Resources💬
  53. Dennis Yurichev's Reversing Challenges
  54. Exploit Exercises🌟
  55. Flare-On Challenges
  56. Compiler Explorer🌟💬
  57. HackSys Extreme Vulnerable Windows Driver
  58. Trail of Bits: manticore
  59. Trail of Bits: mcsema💬
  60. QuarksLab: Triton
  61. UCSB: Angr
  62. CMU: Pharos
  63. CEA: miasm
  64. CEA: qira

3 comentarios :

  1. Gracias por compartir tal información.

    ResponderEliminar
  2. gracias por compartirlo,estaba buscando algo asi

    ResponderEliminar
  3. Bueno... Pues voy a intentar fumármelo todo como si de una Carrera se tratase.
    A ver hasta dónde llego.

    ResponderEliminar