Reverse Engineer References

Hex Editors

• 010 Editor
• HexWalk
• ImHex
• Hexed.it - Great online Hexeditor
• HxD

Disassemblers

• Ghidra
• Binary Ninja
• Capstone
• fREedom
• Hopper
• IDA Pro
• JEB
• objdump
• Radare
• Evan's Debbugger (edb)

Dynamic Analysis

• Autoruns
• Process Monitor
• Process Explorer
• Process Hacker
• Noriben - Portable, Simple, Malware Analysis Sandbox
• API Monitor
• INetSim: Internet Services Simulation Suite
• FakeNet
• Volatility Framework
• Stardust
• LiME: Linux Memory Extractor

Sandbox and Stuff

• Cuckoo

Deobfuscation

• Balbuzard
• de4dot
• ex_pe_xor
• iheartxor
• FLOSS
• NoMoreXOR
• PackerAttacker
• unpacker
• unxor
• VirtualDeobfuscator
• XORBruteForcer
• XORSearch & XORStrings
• xortool

Getting into Reversing

• A repo to help break into the world of RE - a plethora of references of tools, practice sites, and other reverse engineering information

Reverse Engineering Tutorials

• Assembly Programming Tutorial
• ARM Assembly Basics
• Binary Auditing Course
• Corelan Training
• Dr. Fu's Malware Analysis
• Legend of Random
• Lenas Reversing for Newbies
• Modern Binary Exploitation
• Offensive and Defensive Android Reversing
• Offensive Security
• Open Security Training
• REcon Training
• Reverse Engineering Malware 101
• RPISEC Malware Course
• TiGa's Video Tutorials
• Malware Traffic Analysis

Other Tools

Reverse Engineering Tools

• Interactive Disassembler (IDA Pro) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.
• WDK/WinDbg - Windows Driver Kit and WinDbg.
• OllyDbg - x86 debugger for Windows binaries that emphasizes binary code analysis.
• Radare2 - Open source, crossplatform reverse engineering framework.
• x64dbg - Open source x64/x32 debugger for windows.
• Immunity Debugger - Powerful way to write exploits and analyze malware.
• Evan's Debugger - OllyDbg-like debugger for GNU/Linux.
• Medusa - Open source, cross-platform interactive disassembler.
• plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
• peda - Python Exploit Development Assistance for GDB.
• dnSpy - Tool to reverse engineer .NET assemblies.
• binwalk - Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
• PyREBox - Python scriptable Reverse Engineering sandbox by Cisco-Talos.
• Voltron - Extensible debugger UI toolkit written in Python.
• Capstone - Lightweight multi-platform, multi-architecture disassembly framework.
• rVMI - Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
• Frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

Reverse Engineering CTF-like Exercises

• https://microcorruption.com/ - Given a debugger and a device, find an input that unlocks it. Solve the level with that input.
• http://reversing.kr/challenge.php - This site tests your ability to Cracking & Reverse Code Engineering.
• https://www.malwaretech.com/beginner-malware-reversing-challenges - The purpose of these challenges is to familiarize beginners with common malware techniques.
• https://crackmes.one/ - This is a simple place where you can download crackmes to improve your reverse engineering skills.
• https://challenges.re/ - Well, "challenges" is a loud word, these are rather just exercises for RE.
• https://reverse.put.as/crackmes/ - A collection of crackmes for OS X. Send them to me if you have new ones to add!
• https://join.eset.com/en/challenges - If you want to join the team that every day faces global cyber-threats, uncover a hidden puzzle in the crackme program and prove us your potential.
• http://flare-on.com/ - FireEye's challenge RE.
• https://ropemporium.com/ - Learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering and bug-hunting.