HACKE-RC/awesome-reversing
GitHub: HACKE-RC/awesome-reversing
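A systematic collection of reverse engineering learning resources, from assembly basics to advanced reversing techniques, providing a structured learning path, practice exercises and in-depth research material.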
Stars: 1407 | Forks: 100
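# Reverse Engineering Resources ⚡
The highest-quality resources for learning reverse engineering from start to finish!
[Learning roadmap](https://wiki.bi0s.in/reversing/roadmap)
# Table of Contents
- [Assembly](#assembly)
  * [Linux specific](#linux-specific)
  * [Windows specific](#windows-specific)
  * [Miscellaneous](#miscellaneous)
- [Operating System Internals](#operating-system-internals)
- [Assembly Projects](#assembly-projects)
- [Getting Started](#getting-started)
- [Getting Your Hands Dirty](#getting-your-hands-dirty)
- [Deobfuscation](#deobfuscation)
- [Anti-Debug and Anti-Analysis](#anti-debug-and-anti-analysis)
- [Anti-Analysis](#anti-analysis)
- [C++ Reversing](#c-reversing)
- [Great Blogs on Windows Internals](#great-blogs-on-windows-internals)
- [Others](#others)
- [Symbolic Execution](#symbolic-execution)
## Assembly
My personal favorite resource for assembly is Chapter 3 of the book [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu), but if you don't like reading books, check out the following resources:
### Linux specific
- [Assembly tutorial](https://asmtutor.com/)
- [The Art of Assembly](https://www.plantation-productions.com/Webster/www.artofasm.com/Linux/index.html)
### Windows specific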
- [https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html](https://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html)
- [Assembly tutorial](https://sonictk.github.io/asm_tutorial/)
### Miscellaneous
- [Learn how a CPU works](https://cpu.land)
- [https://www.felixcloutier.com/x86/index.html](https://www.felixcloutier.com/x86/index.html)
- [https://cs.lmu.edu/~ray/notes/x86assembly/](https://cs.lmu.edu/~ray/notes/x86assembly/)
- [https://godbolt.org](https://godbolt.org/)
- [https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about)
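## Assembly Projects
After learning assembly, you can try some projects, such as building a bootloader or a complete simple operating system.
I wrote a blog post on this topic [here](https://de-engineer.github.io/Understanding-booting-process-and-writing-own-os/).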
- [http://brokenthorn.com/Resources/OSDev1.html](http://brokenthorn.com/Resources/OSDev1.html)
- [https://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf](https://raw.githubusercontent.com/tuhdo/os01/master/Operating_Systems_From_0_to_1.pdf)
- [https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf](https://cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf)
- [Learn x86-64 assembly by writing a GUI from scratch](https://gaultier.github.io/blog/x11_x64.html)
## Operating System Internals
If you want to learn operating systems by reading books, you can follow this order:
1. The Elements of Computer Science (TECS) with [Nand2Tetris (lectures)](https://www.coursera.org/learn/build-a-computer)
2. [Computer Systems: A Programmer's Perspective](https://csapp.cs.cmu.edu) with [lectures](https://scs.hosted.panopto.com/Panopto/Pages/Sessions/List.aspx#folderID=%22b96d90ae-9871-4fae-91e2-b1627b43e25e%22)
3. Operating Systems: Three Easy Pieces with [lectures](https://www.youtube.com/watch?v=DcBa3dBBOtM&list=PLRJWiLCmxyxi2RCPVYfewxJIWJzc_colw)
If you don't like reading books, check out the following resources:
- [https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x](https://www.youtube.com/playlist?list=PLmbPuZ0NsyGS8ef6zaHd2qYylzsHxL63x)
- [https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh](https://www.youtube.com/playlist?list=PLgre7dUq8DGKbtnlMuJPvPYlvLdXOC9uh)
- [https://pages.cs.wisc.edu/~remzi/OSTEP/](https://pages.cs.wisc.edu/~remzi/OSTEP/)
- [Operating systems course (recommended)](https://www.youtube.com/playlist?list=PLunILarQwxnl0SZ2zsgyVjU9NDD_Rn-re)
## Getting Started
- [Free crackmes](https://crackmy.app)
- [Reverse engineering roadmap](https://wiki.bi0s.in/reversing/roadmap)
- [COMPSCI 390R - Reverse Engineering and Vulnerability Analysis](https://pwn.umasscybersec.org/lectures/index.html)
- [https://www.begin.re](https://www.begin.re/)
- [https://artik.blue/reversing](https://artik.blue/reversing)
- [https://legend.octopuslabs.io/sample-page.html](https://legend.octopuslabs.io/sample-page.html)
- [https://www.youtube.com/watch?v=mDyQkV7-yJk](https://www.youtube.com/watch?v=mDyQBM-_T1g)
- [https://www.youtube.com/watch?v=gPsYkV7-yJk](https://www.youtube.com/watch?v=gPsYkV7-yJk)
- [https://www.youtube.com/watch?v=d4Pgi5XML8E](https://www.youtube.com/watch?v=d4Pgi5XML8E)
- [https://www.youtube.com/watch?v=9vKG8-TnawY](https://www.youtube.com/watch?v=9vKG8-TnawY) (recommended)
## Getting Your Hands Dirty
- [https://crackmes.one](https://crackmes.one/)
- [http://reversing.kr/challenge.php](http://reversing.kr/challenge.php)
- [https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme](https://github.com/Maijin/radare2-workshop-2015/tree/master/IOLI-crackme)
- [https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027](https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027)
- [YouTube playlist on malware analysis](https://www.youtube.com/watch?v=n06QSoICU6c&list=PLt9cUwGw6CYG2DSfjXEE3GotkQDa5b-6s)
- [Free binary analysis course](https://maxkersten.nl/binary-analysis-course/)
## Deobfuscation
- [https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques](https://www.vadesecure.com/en/blog/malware-analysis-understanding-code-obfuscation-techniques)
- [https://www.youtube.com/watch?v=bEsQ8UYioU4](https://www.youtube.com/watch?v=bEsQ8UYioU4)
- [https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847](https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847)
- [https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf](https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf)
- [https://www.varonis.com/blog/x64dbg-unpack-malware](https://www.varonis.com/blog/x64dbg-unpack-malware)
- [https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/](https://apr4h.github.io/2021-05-01-Manually-Unpacking-Remcos-Malware/)
- [https://www.youtube.com/watch?v=EdchPEHnohw](https://www.youtube.com/watch?v=EdchPEHnohw)
- [https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_](https://www.youtube.com/playlist?list=PLynb9SXC4yER8NinXJwV4GHUM9-jaIsN_)
## Anti-Debug and Anti-Analysis
- [https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf](https://iopscience.iop.org/article/10.1088/1742-6596/1744/4/042186/pdf)
- [https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf](https://wikileaks.org/vault7/document/2015-07-PoC-Anti_Debugging_and_Anti_Emulation/2015-07-PoC-Anti_Debugging_and_Anti_Emulation.pdf)
- [https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf](https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf)
- [https://anti-debug.checkpoint.com/](https://anti-debug.checkpoint.com/)
- [https://www.youtube.com/watch?v=WlE8abc8V-4&feature=emb_title](https://www.youtube.com/watch?v=WlE8abc8V-4&feature=emb_title)
## Anti-Analysis
- [https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts](https://www.malwarebytes.com/blog/news/2014/09/five-anti-debugging-tricks-that-sometimes-fool-analysts)
- [https://www.oic-cert.org/en/download/Anti-Analysis techniques (OIC Talk).pdf](https://www.oic-cert.org/en/download/Anti-Analysis%20techniques%20(OIC%20Talk).pdf)
- [https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/](https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/)
- [https://www.youtube.com/watch?v=5NO-W3SVjak&feature=emb_title](https://www.youtube.com/watch?v=5NO-W3SVjak&feature=emb_title)
## C++ Reversing
- [Reversing C++ virtual functions](https://alschwalm.com/blog/static/2016/12/17/reversing-c-virtual-functions/)
- [Reversing C++](https://www.blackhat.com/presentations/bh-dc-07/Sabanal_Yason/Paper/bh-dc-07-Sabanal_Yason-WP.pdf)
## Windows Research
If you want to do Windows research, you need to learn Windows internals.
- [My blog on Windows internals](https://de-engineer.github.io)
- [Book on Windows internals published by Microsoft. Use it as a reference book to learn specific topics when needed](https://learn.microsoft.com/en-us/sysinternals/resources/windows-internals)
- [Has the best video courses](https://www.pluralsight.com/authors/pavel-yosifovich)
- [Windows process internals](https://www.youtube.com/watch?v=4AkzIbmI3q4&feature=emb_title)
- [Overview of Windows internals](https://samsclass.info/140/lec/Excerpted-PRE07_Solomon.pdf)
- [Introduction to Windows internals](https://vimeo.com/49347561)
- [Win32 programming with code examples](https://installsetupconfig.com/win32programming)
- [Windows API programming notes](https://caiorss.github.io/C-Cpp-Notes/WindowsAPI-cpp.html)
- [Documentation of undocumented Windows functions](http://undoc.airesoft.co.uk)
- [Documentation of undocumented Windows content](https://geoffchappell.com/index.htm)
- [Windows Internals (7th edition) tools](https://github.com/zodiacon/windowsinternals)
- [Full source code of ReactOS (an open-source reimplementation of Windows)](https://doxygen.reactos.org/index.html)
- [Description of key data structures used by device drivers, the kernel and the HAL](https://codemachine.com/articles/kernel_structures.html)
- [Browse 6000+ undocumented Windows structures](https://www.vergiliusproject.com/)
- [Advanced Windows development resources](https://pastebin.com/NXxrYHp8)
- [Understanding the EPROCESS data structure](https://info-savvy.com/understanding-eprocess-structure/)
- [NT handle table](https://www.cs.miami.edu/home/burt/journal/NT/handle_table.html)
- [Anatomy of the thread suspension mechanism in Windows](https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/)
- [Auto-generated diffs of Windows structures](http://terminus.rewolf.pl/terminus/)
- [Windows thread scheduling](https://www.i.u-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/03-ThreadScheduling/ThreadScheduling.pdf)
- [Kernel callback functions](https://codemachine.com/articles/kernel_callback_functions.html)
- [Decompilation of NT API functions](http://likeagod.revers.engineering)
## Great Blogs on Windows Internals
- [https://secret.club](https://secret.club/)
- [wumb0.in](https://t.co/TQttGxnkVF)
- [voidsec.com](https://t.co/Rz220SAwbt)
- [https://poppopret.blogspot.com/?m=1](https://poppopret.blogspot.com/?m=1)
- [https://www.ragestorm.net/blogs/?cat=13](https://www.ragestorm.net/blogs/?cat=13)
- [https://www.x86matthew.com](https://www.x86matthew.com/)
- [https://www.tiraniddo.dev](https://www.tiraniddo.dev/)
- [https://googleprojectzero.blogspot.com](https://googleprojectzero.blogspot.com/)
## Others
- [GuidedHacking](https://guidedhacking.com)
- [Compiler optimizations for reverse engineers](https://www.msreverseengineering.com/blog/2014/6/23/compiler-optimizations-for-reverse-engineers)
- [Reverse engineering story: updating the undocumented ESTROBJ and STROBJ structures for Windows 10 x64](https://versprite.com/blog/security-research/reverse-engineering-undocumented-structures/)
- [Methodology for static reverse engineering of Windows kernel drivers](https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83)
- [What I learned from reverse engineering Windows containers](https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/)
- [A syscall journey in the Windows kernel](https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/)
- [Reversing with HyperDbg - OpenSecurityTraining](https://www.youtube.com/playlist?list=PLUFkSN0XLZ-kF1f143wlw8ujlH2A45nZY)
## Symbolic Execution
- [Introduction to SMT solvers - an overview of z3](https://de-engineer.github.io/SMT-Solvers/)
- [MIT's video lecture on symbolic execution](https://www.youtube.com/watch?v=yRVZPvHYHzw)
- [Symbolic execution video lecture](https://pwn.umasscybersec.org/lectures/index.html)
- [YouTube video covering the basics of z3](https://www.youtube.com/watch?v=kZd1Hi0ZBYc)
- [Learn z3](https://github.com/ViRb3/z3-python-ctf)
- [Symbolic analysis course](https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+RE3201_symexec+2021_V1/course)
- https://sat-smt.codes/SAT_SMT_by_example.pdf