This is a project to mentor people on reverse engineering of software. We will focus on Windows malware.
This is for people who have no reverse engineering skills.
Mentoring doesn't mean that we will be making a tutorial. We will point you in the right direction, but you will have to study topics we mention on your own. For example, you need to be able to read assembly language. We will point you to assembly language tutorials and mention particular points you should study. You can add your own insights and links to this Wiki.
And you can ask questions, of course. Although it is not required, please create an account to edit this Wiki; this makes it easier for us to know who posts questions.
There is a Wikibook on Reverse Engineering.
I will start the mentoring by pointing you to free tools and by creating some exercises.
My name is Didier Stevens, I have a Gmail address and a blog at https://DidierStevens.com.
- Reverse Engineering Mentoring Lesson 001
- Reverse Engineering Mentoring Lesson 002
- Reverse Engineering Mentoring Lesson 003
- Reverse Engineering Mentoring Lesson 004
Unpacking and Decrypting with IDA
- Does anyone have any good pointers or references to unpacking and decrypting malware, especially with IDA? (PDF reference here)
- There's static and dynamic unpacking. The rest should be easy to search (searching is part of RCE). Maybe the Titan-Framework (has C++ code that applies generic unpacking methods) is helpful. IDA is not a general all-in-one-wonder tool.