Generic Reverse Engineering Algorithm

​Source: OpenSecurityTraining

  1. Gather information
    • IAT (Import Address Table)
    • Strings
    • Dynamic analysis
  2. Identify function of interest
  3. Identify CALLs
  4. Identify algorithms and data structures
  5. Pseudo-code it!
    • If having trouble, draw the memory and CPU and map what happens at each instruction
  6. Rename function(s), argument(s), variable(s)
  7. Add comments
  8. GOTO 2

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s