Latest revision | Your text | ||
Line 1: | Line 1: | ||
{{Project | {{Project | ||
|name=52455645525345 | |name=52455645525345 | ||
|description=Reverse Engineering | |description=Reverse Engineering Workshop | ||
|project category=Meet-Up | |project category=Meet-Up | ||
|location=Chaosdorf | |location=Chaosdorf | ||
Line 8: | Line 8: | ||
|people={{U|barbieauglend}} | |people={{U|barbieauglend}} | ||
}} | }} | ||
{{Event | {{Event | ||
|Title=52455645525345 | |Title=52455645525345 | ||
|Description= | |Description=Reverse Engineering Workshop | ||
|Type=Workshop | |Type=Workshop | ||
|Date= | |Date=2018-07-16 | ||
|Start=18:00 | |Start=18:00 | ||
|Host=barbieauglend | |Host=barbieauglend | ||
|isRelevant=Yes | |isRelevant=Yes | ||
}} | }} | ||
<br> | |||
<br> | |||
<font size="3">ReVeRsE Engineering - Welcome to the page of the reverse engineering group!</font><br> | |||
= | <br>Reverse Engineering PEs is fun! It's like a puzzle and if there is an algorithm out there that can solve this puzzle, it's your brain =) | ||
<br>I, {{U|barbieauglend}}, would love to take a look at binaries with you and figure out together what the programs do. They are often a lot easier than you might think! | |||
= | <br>If you want to participate, you will need a laptop (with charger!) with a Windows 7 guest machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something! And if you have any questions, feel free to contact me under {{mailto|barbieauglend@chaosdorf.de}}! | ||
== Please read == | |||
Requirements: | |||
- Virtual machine software (VMWare, VirtualBox etc...) | - Virtual machine software (VMWare, VirtualBox etc...) | ||
Line 99: | Line 37: | ||
- Microsoft Visual Studio 2008 redistributable package | - Microsoft Visual Studio 2008 redistributable package | ||
Let's dive into the | Let's dive into the blackhole of compiled code and understand the internals of the software running in our computer. It doesn't matter if you want to fix a broken gadget or save your files (now you know why to backup, right!?) from a ransomware, it is elementary to understand how they work. This is Reverse Engineering (RE), and it is done every day from recreating outdated and incompatible software, understanding malicious code, or exploiting weaknesses in software. | ||
We are going to try to cover topics like: | We are going to try to cover topics like: | ||
Line 112: | Line 50: | ||
* Dynamic Analysis tools and techniques for RE | * Dynamic Analysis tools and techniques for RE | ||
I am going to bring some nice binaries which we can go through together. We are going to explore how static reverse engineering works and how can we use it to understand what a piece of malware does (hopefully). | I am going to bring some nice binaries which we can go through together. We are going to explore how static reverse engineering works and how can we use it to understand what a piece of malware does (hopefully!). | ||
== Participants (please register!) == | |||
* {{U|Ilias}} | * {{U|Ilias}} | ||
* {{U|hanemile}} | * {{U|hanemile}} | ||
* divado | * divado | ||
* r2co | * r2co | ||
*ueberspitz | |||
*ocyphert | *ocyphert | ||
* | |||
== other related things == | |||
* [https://www.garykessler.net/library/file_sigs.html File signatures] | |||
* [https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2562/original/Funky_File_Formats.pdf File Formats] | |||
* [http://archive.hack.lu/2015/Albertini%20-%20Trusting%20files.pdf Moaaarr File Formats] | |||
* [https://pixl.dy.fi/posts/2018-01-22-reverse-engineering-basics-with-radare-fundamentals-and-basics/ Nice good to know before starting RE!] |
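Review bot: Toward the end of this hunk, the "== Participants (please register!) ==" heading, the `*ueberspitz` entry and the whole "== other related things ==" link list appear only in the Latest revision column, so publishing the Your text side as shown would drop a registered participant and the four reference links. Carry those lines over to the Your text side before publishing, and while there give `*ocyphert` the same `* ` spacing as the other list entries and leave out the empty `*` bullet.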