Security Basics mailing list archives

Re: Hex editor


From: Boogiebruva <boogiebruva () yahoo co uk>
Date: Sat, 21 Apr 2007 00:41:40 +0200

Ollydbg is freeware and is a work of art.
Unfortunately, the best program is not free - IDA Pro.
Before you start looking for software, though, read as much as possible
about reverse engineering. You'll soon see that each book/website
recommends different programs. Check them all out and you'll see which
ones work better for you. Reverse engineering depends on a good
foundation in assembly language - and each tutorial you read will
recommend certain software, depending on the OS involved - normally
Windo$e, as there's not much point in reversing open source software,
unless of course you're trying to reverse Linux, etc. specific malware.
And learning assembly is a bitch!! But it's like learning Chinese - very
hard work but you end up being able to speak with almost a billion
people - only that in this case you're learning how to speak with
computers, almost in their own tongue. With assembly, you can even make
the HD spin backwards, for crying out loud!!
Go for it!


cc wrote:
Didn't you write?:
  
dallas jordan wrote:
    
Hi all,

I would like to start trying to do some reverse engineering of
malware, just for learning purposes and I'd like to get some opinions
on a good hex editor.  Preferably freeware and beginner friendly, if
there is such.  I have looked at a couple, but wasn't sure if one was
much better than another.  I wanted to get some more experienced
user's thoughts.  Anyone have any suggestions?  Thanks.

      
I'd suggest Hex Workshop (you are on Windows, right?). I'd also suggest
for reverse engineering that you get your hands on win32dasm and ollydbg
and learn how to use them. They rock. (SoftICE too)

    

Win32dasm is still up?  I haven't been able to get an updated
version in a long time.

As for ollydbg, I had some problems with it. Decided to debug
a program to see how it goes in disassembling it when it
took a while. So I rebooted and found out that my normally
40GB HD had become a 1TB HD. Needless to say, I wasn't
too impressed and had to reinstall Windows. :)

Edmund
