Generic Reverse Engineering Algorithm

Source: OpenSecurityTraining

Gather information
- IAT (Import Address Table)
- Strings
- Dynamic analysis
Identify function of interest
Identify CALLs
Identify algorithms and data structures
Pseudo-code it!
- If having trouble, draw the memory and CPU and map what happens at each instruction
Rename function(s), argument(s), variable(s)
Add comments
GOTO 2

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this:

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…