Security Basics mailing list archives
Re: Hex editor
From: Boogiebruva <boogiebruva () yahoo co uk>
Date: Sat, 21 Apr 2007 00:41:40 +0200
Ollydbg is freeware and is a work of art. Unfortunately, the best program is not free - IDA Pro. Before you start looking for software, though, read as much as possible about reverse engineering. You'll soon see that each book/website recommends different programs. Check them all out and you'll see which ones work better for you. Reverse engineering depends on a good foundation in assembly language - and each tutorial you read will recommend certain software, depending on the OS involved - normally Windo$e, as there's not much point in reversing open source software, unless of course you're trying to reverse linux, etc specific malware. And learning assembly is a bitch!! But it's like learning Chinese - very hard work but you end up being able to speak with almost a billion people - only that in this case you're learning how to speak with computers, almost in their own tongue. With assembly, you can even make the HD spin backwards, for crying out loud!! Go for it! cc wrote:
Didn't you write?:dallas jordan wrote:Hi all, I would like to start trying to do some reverse engineering of malware, just for learning purposes and I'd like to get some opinions on a good hex editor. Preferably freeware and beginner friendly, if there is such. I have looked at a couple, but wasn't sure if one was much better than another. I wanted to get some more experienced user's thoughts. Anyone have any suggestions? Thanks.I'd Suggest Hex workshop (you are on windows right?) I'd also suggest for reverse engineering that you get your hands on win32dasm and ollydbg and learn how to use them. they rock. (soft ice too)Win32dasm is still up? I haven't been able to get an updated version in a long time. As for ollydbg, I had some problems with it. Decided to debug a program to see how it goes in disassembling it when it took a while. So I rebooted and found out that my normally 40GB HD had become a 1TB hd. Needless to say, I wasn't too impressed and had to reinstall Windows. :) Edmund __________ NOD32 2207 (20070420) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com
Current thread:
- Hex editor dallas jordan (Apr 18)
- RE: Hex editor Tony UcedaVelez (Apr 19)
- Re: Hex editor Daniel Coulbourne (Apr 19)
- Re: Hex editor cc (Apr 20)
- Re: Hex editor Boogiebruva (Apr 23)
- Re: Hex editor cc (Apr 20)
- Re: Hex editor offset (Apr 19)
- Re: Hex editor dallas jordan (Apr 19)
- Re: Hex editor crazy frog crazy frog (Apr 19)
- Re: Hex editor Morgan Reed (Apr 24)
- RE: Hex editor Jordan, Jason (Apr 25)