What Will You Learn?
Computer Architecture
Understanding CPU, memory, registers, and how computers execute code
Assembly Language
Reading and understanding machine language - the closest to hardware
PE Format
Structure of Windows executable files and how to analyze them
Debugging
Using debuggers to analyze programs at runtime
Static Analysis
Using IDA Pro and Ghidra for analysis without execution
Malware Analysis
Fundamentals of analyzing malicious software
Prerequisites
- Basic knowledge of operating systems
  Understanding of processes, files, and memory management
- Familiarity with programming (preferably C)
  Variables, functions, loops, conditions
- Basic understanding of binary numbers
  The course will review this, but background helps
- Curiosity and willingness to learn!
  RE requires patience and analytical thinking
Course Content
📚 Part 1 - Theory
Introduction to Reverse Engineering
What is RE, why learn it, and what are the industry applications
Number Systems
Binary, hexadecimal, conversions, and number representation in computers
x86/x64 Architecture
CPU structure, registers, and instruction cycle
Memory Management
Stack, Heap, Virtual Memory, and how programs use memory
Assembly - Basics
Basic instructions, data movement, and arithmetic operations
Assembly - Flow Control
Jumps, conditions, loops, and function calls
PE Format
Structure of EXE and DLL files in Windows
Calling Conventions
How functions receive parameters and return values
Static Analysis Tools
Working with IDA Pro and Ghidra
Debugging
Dynamic analysis with x64dbg and WinDbg
🔧 Part 2 - Hands-on Labs
Lab 1: Getting to Know the Tools
Installation and first steps with IDA, Ghidra, x64dbg
Lab 2: Reading Assembly
Analyzing simple programs and understanding the code
Lab 3: Crackme Challenge
Solving a classic RE challenge - finding the password
Lab 4: PE Analysis
Examining the structure of a real EXE file
Lab 5: Advanced Debugging
Execution tracing, memory modification, and patching