Reverse Engineering for Beginners: How to Perform Static Analysis on any Piece of Software

Рет қаралды 121,435

Күн бұрын

Пікірлер: 315

@davidblake6889 5 ай бұрын

Some of your introduction, including the development of the bombe is incorrect. The original bombe was developed in the early 1930's by the Polish engineers, who along with their plans and personnel were helped to escape from Poland to the UK before the German invasion at the start of WWII. With these people and plans, Alan Turing and Gordon Welchman developed the system much further at the cryptography centre at Bletchley Park in Buckinghamshire in the UK. Much later, their design for the bombe was given to the US Army and Navy to allow them to build their own systems. The bulk of the German radio traffic in Europe was intercepted by both military Y stations and civilian voluntary interceptors (VI's), who were amateur radio operators skilled in receiving morse code in adverse conditions. All of these intercepted messages were decrypted, translated, analysed and disseminated by the personnel based at Bletchley Park.

@ethicalpap 5 ай бұрын

@davidblake6889 Thank you for the correction on my history! Pinning this comment for all to see. Grateful to you for taking the time to clarify. This will help me to improve for future videos.

@adrianpad 5 ай бұрын

who cares. he is delivering engineering gold. not history

@a4d9 5 ай бұрын

@@adrianpad Bill Gates, the current president of the United States of America, invented the computer in 1966 and founded Apple in 1896. Who cares about getting the facts right?

@INDIOBRAVOO 5 ай бұрын

@@adrianpad 🤣

@JuanDuarte_58 5 ай бұрын

Good thing the video is about RE and not for a history test.

@logyross6883 5 ай бұрын

I never watched a single reverse engineering video yet the algorithm somehow knew I was interested in this. 🤣 thanks for the video

@tsol438 5 ай бұрын

I was actually trying to find "reverse" connection anydesk. Been watching scambaiters. But I'm also interested in reverse engineering so it was still a win-win. 😀👍

@ParhamSalamati 5 ай бұрын

Best approach on explaining assembly I've seen so far, starting with cpu and ram structure. Great job!

@i1abnrk 4 ай бұрын

This is like a full semester course packed into an hour. Well done.

@Thedude897 4 ай бұрын

Oh watched it in slomo Play it at a faster speed..

@pritulkhan1395 4 ай бұрын

I am a devops engineer and the algos brought me here. This flew way over my head but I thoroughly enjoyed it

@ninthjake 5 ай бұрын

The effort put into this video is visible and the quality is insane. Very well presented and explained. Bravo!

@danielgriffiths5901 5 ай бұрын

Looks like you hit the algorithm, just FYI

@Sadigziggi 5 ай бұрын

Yep

@Ilovegemsomuch 5 ай бұрын

Yep

@bekone 5 ай бұрын

Yep

@tristancole8158 5 ай бұрын

Sit down, son, and let The Beard teach you some cryptography.

@Mandil 5 ай бұрын

I love it when I can be part of something

@sense.enjoyer 5 ай бұрын

Been watching your channel and I've just barely realized how slept on you are. Considering the quality of your videos I had thought you already had thousands of subs and much more views. This channel is going to blow up--considering the impending explosion of cybersecurity careers in line with AI/ML advances--its only up from here man!

@greatwolf. 5 ай бұрын

49:08 quick note, In the context of C and C++, a reserve parameter is put in there by whoever designed it so they can later modify it or extend it with other functionality, eg. like in a later version. Same concept but in something unrelated, you see this sometimes in forum threads. An announcement thread is made and sometimes the original poster of that thread would make 1 or 2 extra empty message post below the first so they have space to add extra stuff later if they need.

@ethicalpap 5 ай бұрын

Thank you!

@MichaelSmith-lm5sl 5 ай бұрын

The idea of a "reserved parameter" in C and C++ isn't typically about leaving parameters empty for future use. Instead, designers sometimes add additional parameters to functions (often with default values) to ensure future compatibility and extend functionality without changing the function's signature in a breaking way. In C++, this is more commonly handled through method overloading, default parameters, or using variadic templates, rather than reserving parameters. As for the analogy with forum threads, it's not quite the same. In programming, leaving room for future changes needs careful planning to ensure backward compatibility and maintainability, while reserving posts in forums is a straightforward way to manage content updates. To sum up, in professional C/C++ development, future-proofing involves careful design patterns rather than just "reserving" parameters.

@aleksandrbazhin 4 ай бұрын

@@ethicalpap Also about that function - I think the params are retrieved from the stack in the reverse order, so the reserved is 0, and the URL is known - it's some .ico file that's being copied into some .exe

@theobvious1958 3 ай бұрын

how was this done 40 years ago, i don't see a big difference between 70s 7473 and modern 747s??

@AlienzOnlyBruh 4 ай бұрын

I thought I was going to end up in another KZbin rabbit hole with no new cybersecurity content that would peak my interest. I almost gave up lol. I just finished watching this video and I have to say I am so happy I found your channel. I love your editing and how you teach your methods. Please keep the amazing content coming. You got a new subscriber. 💪🏻

@celinks123 4 ай бұрын

The best introduction to RE and assembly I have ever watched. Hands down, you know your stuff and have mastered the art of teaching.

@theovannieuwenhuizen5756 2 ай бұрын

Thanks for putting in so much effort in explaining the basics. Must have been a real challenge to finish this video.

@PBandECHO 4 ай бұрын

I fully expected to be overwhelmed but you broke it down in a digestible way. Thank you.

@mikele384 5 ай бұрын

this video will skyrocket...

@xCheddarB0b42x 5 ай бұрын

I have been looking for a decent architecture primer, and here one is. Thank you! Subbed.

@lbgonpokeit 3 ай бұрын

The way you can simply articulate mostly foreign ideas to me is remarkable. I have a history in computer science but a lot of the barebones Assembly stuff you talk about has always been daunting to me. Thanks for making it a bit more approachable for me today.

@Shock-oh5rc 4 ай бұрын

This video is very important to watch carefully to undestand code it really helped me

@arizvisa 4 ай бұрын

It makes me happy seeing more people interested in RE in general. RE is a skill that's very similar to learning a language. You practice familiarity until you develop fluency. A lot of the regular RE communities are super-quiet with individuals that are very temporary, looking for a quick answer when there is none. It makes it very difficult to hire people, instead forcing companies to search for people who're passionate, and then training them up to speed.

@MissionSilo 4 ай бұрын

Are there degrees or courses on it?

@arizvisa 4 ай бұрын

@@MissionSilo I don't know of any offhand, but i'm sure there are (although I can't personally vouch for their quality, since some could just be money grabs recycling prior-written content). There are, however, different "types" of reverse engineering which warrant different types of approaches towards comprehension... each result in refining your skills differently. So, it's worth considering what your long term goal is so that you can focus on familiarity within the field you're interested in (and discover courses that cater towards those goals). Generally, though, RE is originally rooted in interoperability, so if you're a good enough developer with the ability to run a debugger to confirm your theories, you get basic algorithmic familiarity for free and can use that as a base to get better. The tools that reverse engineers use and regular engineers use overlap in many ways. Despite this, there's many ways to develop a skill.

@MissionSilo 4 ай бұрын

@arizvisa yeah there is software RE then hardware?

@arizvisa 4 ай бұрын

@@MissionSilo Hardware, Software (Interoperability/IP-theft, Malware, Vulnerabilities)...Each develops different skills. Reversing malware is almost completely different from vulnerability research, but then Interop (in some cases) can be considered part of Vulns. Then there's variations on both of those if you focus on low-level things where it involves Userspace, Kernelspace, etc. These also extend to different platforms/languages which have different patterns for you to recognize (although, they all follow the same basic rules). Some JS deobfuscation can also be considered RE. That's why knowing which field you are actually interested in is important.

@MissionSilo 4 ай бұрын

@@arizvisa so general engineering for being able to do anything in RE?

@leeoiou7295 4 ай бұрын

Excellent video, bro. The intro was a bit unnecessary but the remaining part of the video was fire and by far the best content on reverse engineering I have seen.

@LinkinPark4694 3 ай бұрын

This is a good video. I normally don't comment on videos but this is produced really well. Subscribed and genuinely looking forward to watching the rest of your videos.

@ryanryanryanryanryan572 6 күн бұрын

Helllll yaaaaa, you should make a second video. I thought you explained how to read assembly language clearer than anybody else on the net!!! 😁 Good Job!!!

@eminulastimurtas2723 4 ай бұрын

you're amazing bro, you answered almost all the questions I had about getting started. Lot's of love from Turkey!!

@Tofarglobal 5 ай бұрын

Can't wait for a part 2

@cody_code 5 ай бұрын

A part 2 would be awesome man, thanks for making this!

@Jasonspring74 5 ай бұрын

Man, you're so good, I've always thought of cybersecurity as a whole is complex and hard, don't get me wrong , it still is hard for me 😂, but the way you teach things , the way you explain , I could relate to it even as a complete beginner, keep going mate 🙌, and also the intro of this video is a banger, sick editing, I ain't even lying you're gonna pop off, this video already did pop off, Keep the videos coming, Just wanted to let you know that you're video are super helpful.❤

@moosematrix 4 ай бұрын

Really great video! Excited to watch this and your part 2 today!!

@otubright5864 4 ай бұрын

I really enjoy your content! Could we schedule a second session on reverse engineering? I’d love to dive deeper into the details, and if possible, a live demo of a piece of written software would be greatly appreciated. You're doing fantastic work, and I truly value it!

@Tin-m5c 4 ай бұрын

i cant lie. you are GOOD at making videos. i was hooked for the entire video. good job, and i have a short sense of focusing.

@gravy1770 5 ай бұрын

All it took was the title and video length for me to know I had to watch this. Very much to the point. Loved every second

@TheResearchEngineer 5 ай бұрын

I know ASM but this was very pleasing to listen to while doing work around the house and general cleaning. Definitely subscribed to your channel. You’ve got a great format going on your videos. Keep it up, I see 25k+ by the end of the year.

@keyboardcaresser 3 ай бұрын

Great to see you are coming up on 10k! One thing that may also help is trying to put out a short 10-20 minute video weekly while doing the monthly long one. It will help with the algorithm.

@BrianThomas 5 ай бұрын

I love tech hands down, but for some reason I just don't like cyber security. My interest in it was always very low, but for some reason you've captured my attention. I found myself losing track of time while watching these videos. Thank you my friend. It looks like you've sparked something that I didn't even know was there.

@philmcgroin 4 ай бұрын

Good stuff, I used to play around with this a long time ago (way before KZbin) , you explained it really well!

@ret2libc0x90 5 ай бұрын

Highly underrated channel, I know you will pop off soon.

@lordbacon4972 4 ай бұрын

Pap, thank you! First time viewer, and immediately subscribed after finishing watching! I really enjoyed your teaching style, you explained in plain simple terms and explained all the relevant details while sprinkling interesting background history that adds color to the content. Since you made this video a month ago, I'm hoping you made a follow-up tutorial showing you making changes to the code to modify the logic and then re-compile it back to an executable. Again, thank you for this amazing tutorial! 🙏

@Gh0stwrter 4 ай бұрын

Thanks for the great tutorial!! I really like how you explained the stack with the main function. As a programmer this made a lot of sense and helped me understand something I've been trying to wrap my mind around in lower level programming like Rust

@SANDACHEAngelDumitru Ай бұрын

Cool Video , Thank you ! First time :) on a reverse engineering Video.

@christianroy1071 5 ай бұрын

As a mechanical engineer this is not the type of reverse engineering nor the kind of static analysis I was expecting.

@AJ5 4 ай бұрын

Yeah me too, LOL. I haven't watched the video yet but I doubt "static" will be anything close to the shitstorm we had to study

@Lorendrawn 4 ай бұрын

Static analysis is tremendous pain. I became a masochist

@travisio 4 ай бұрын

I came here to write this exact comment haha. I did find it surprisingly accessible once I realized what the subject was

@lbgonpokeit 3 ай бұрын

Lol it says for Software in the title bros

@PBandECHO 4 ай бұрын

That was honestly amazing. I would love a part 2, and 3, and 4.

@Drakkheart 4 ай бұрын

Excellent starting point. Thank you so much for making this! You explain things very clearly.

@Radical9535 4 ай бұрын

Part2 please!

@AKKJ420 4 ай бұрын

Great video. For some reason I don't see a "main" function my file. Please dont stop making videos you are naturally born teacher. Many thanks

@RichardPalmer-np4hb 4 ай бұрын

Enjoyed the entire topic and reminder of reverse engineering. Presented VERY well and look forward to part 2. You have a new subscriber to your channel. Thanks.

@Abigayle-hf7by 4 ай бұрын

i admire your work so much, you’re a true inspiration!

@Gaurav_Kandpal 5 ай бұрын

Thanks for dropping the video. Want part 2 of this. A dynamic analysis would be great.

@charliebrewer1668 4 ай бұрын

Def need a pt 2!!! Thank you 🙏🏽

@milanguzvic8457 5 ай бұрын

Excellent video brother, I stumbled upon your channel and had to subscribe :)

@matthewdietzen6708 4 ай бұрын

Dude... this is JUST what I needed.

@tefan1379 4 ай бұрын

Definitely would like part 2!

@0ADVISOR0 5 ай бұрын

I love it, new Sub! Please make Part 2,3,4 and 100!

@efe3036 4 ай бұрын

Just found your KZbin very informative, start following you already. Thanks

@JerryThings 5 ай бұрын

Thank you for making this video, I hope future RE enthusiasts will see this one, it's gold! I learned asm by myself a few years ago, and never knew about the lore of big-little endian lol

@derrickagyemang1259 4 ай бұрын

Great video, very thorough explanation

@dronestrikejr 4 ай бұрын

Hell yea; love ur channel, this what i was looking for. just subbed

@sunmoonstarrays 4 ай бұрын

yay! 🥳SOOOOOOOOO happy to have been presented with your video! I’ve watched and not even joking endless hours of code 🧑🏽‍💻 review and educational content and just was not connecting not due to content, but you just speak my language and I could actually follow you! Thank you for your teaching style it’s really helpful and appreciated. 🆕 sub here 🙋🏽‍♀️💜

@PlatzHalter-j3i 3 ай бұрын

please part 2, 3, ,4 ... great explanations

@dennismwangi3573 4 ай бұрын

Thank yu for sharing. Very informative.

@dynaspinner64 5 ай бұрын

Thanks! This will be helpful for me as a normie.

@andydataguy 5 ай бұрын

Brother your channel is criminally undersubscribed

@turnoff7572 4 ай бұрын

Looks like a great video glad it got recommended to me, I'm procrastinating like crazy but wana start learning. i saved it watch later please someone remind me

@straightface311 5 ай бұрын

This was very informational and well explained. Thanks for this!

@volatuscorvus621 5 ай бұрын

please continue this and get into more advance stuff eventually!! you are great

@josiahdada3727 5 ай бұрын

I would definitely love a part 2

@Symbiont_One 5 ай бұрын

Gonna have to make another cup of coffee to take in all this information Great work bro. 👍

@funkbungus137 4 ай бұрын

I feel vindicated in my "smash thing to see how it works" methodology I developed as a toddler when I found out that the particle physics at CERN are doing the same shit. Ghidra doesn't come with a "fucking smash it" button so I am kinda lost in the software realm.

@otisbrown420 4 ай бұрын

Thanks you my brother for more to learn about..

@shaggygoat 5 ай бұрын

If we wrote right-to-left (best for right-handers with clay tablets so they can see the approaching margin) and used our usual Hindu-Arabic numbers, or instead wrote left-to-right (best for right-handers with ink so they more easily avoid smudging wet ink) and wrote numbers with the smallest place values first, we would all be using Little Endian machines, and multi-byte numbers in hex dumps of any byte multiple units, bit numbering and bitmapped graphics pixel addressing would be rather consistent and intuitive. 😀

@helloworlditsworld 5 ай бұрын

This is amazing I’m glad I found your channel

@JustLennyBenny 3 ай бұрын

My kinda channel, subbed, locked, watching, bound and benching. o7 (algorithm also)

@sabyasachisahoo8975 5 ай бұрын

Thanks for making this kind of awesome video ,please upload the 2nd part

@tylerfarrell8748 4 ай бұрын

Great Video! Keep it up. Subscribed!

@whoismikeyuk 4 ай бұрын

I agree. You hit the algorithm. Your video just popped up on my radar. Not really my subject, but really informative. Thank you. ps. Yes, I subscribed 😊

@ElephantDragonWolf 5 ай бұрын

Hey great video. Awesome learning experience. Can you lay some pointers on how you prepared for the video - i mean the layout of content, 1. what to discuss/explain first and how much to say on what topic then going on to next 2. the scripting balance with facts, teaching, engagement, fun 3. what technology (app, device) you're using. Thank you!

@ethicalpap 5 ай бұрын

Absolutely, ping me on one of my socials in the description and I can walk through my process, although it's changed since this video.

@x1101126 4 ай бұрын

Very good content, worth 4 years of college 👍

@N.BinZahar 5 ай бұрын

I like the way you explain. Thanks

@raghuraghav6636 5 ай бұрын

Really thanks for simple the explanation man. Please create a proper standard for reverse engineering with a proper series and come fast with part 2 brother.

@jamesross3939 4 ай бұрын

I haven't done reverse engineering since 2005 when I cracked a USB dongle for my boss!! I was surprised that I was able to do it actually. I was using IDA Pro at the time. Previous to that I disassembled some 8 bit MC6809 code in the 1980's ... Reverse engineering is complex, difficult, and time consuming. Makes you wonder what AI tools will emerge that makes it way simpler.

@worldwar_two2894 4 ай бұрын

great video mn!

@uzumakiuchiha7678 5 ай бұрын

make this is playlist please. It was nice, improved my understanding

@4sakenGol3m 5 ай бұрын

I loved the video! Can we get a part two?

@FullMetalAlchemist777 5 ай бұрын

Great content, very interesting, as we say in France : Merci beaucoup :)

@uzumakiuchiha7678 5 ай бұрын

I would very much like a part 2. PLEASE MAKE a PART 2

@robelbelay4065 4 ай бұрын

Yes please part 2!!

@StinerDevHub 2 ай бұрын

Thank you dear 🥳🎯 🎉

@ermyril 5 ай бұрын

Dude, your channel is like a dream come true, I always wanted to understand reversing because for me it still feels like some magic

@MorningNapalm 5 ай бұрын

Seems like a really interesting video, and if an ARM version is ever made, I will be back to watch the full series, but to be honest, x86 assembler makes me projectile-vomit every time I see it, so for now I am bowing out. I am leaving a like, in the hope it encourages you to do more.

@hermanheinz33 3 ай бұрын

Great Video!

@dzuzr 4 ай бұрын

Wish I had time to dive more into this. My brain is currently consumed by machine learning. Bookmarking for a rainy day.

@Dr_Frog 4 ай бұрын

Awesome video. Your presentation is excellent, you have some great graphics, and your knowledge is impressive. Could you keep them coming? On a side note, X86 refers to 16-bit and 32-bit processors, not just 32/64-bit processors. It was only in the Pentium and later series processors that they used 32-bit registers. Thus, from a historical point of view, the X86 would be referring to 16-bit and 32-bit processors in this family. Timeline 1978: The original processor used 16-bit registers. In 1982, 80286 used 16-bit registers, and then, in 1985, the processor with a 32-bit register was released.

@Nezorinos 4 ай бұрын

Please correct me if I'm wrong, since it's LE then for the URLDownloadToFile the szURL parameter is the 2nd from the bottom in the stack. Talking about the 48:12 explanation. Loved the video please do more.

@ethicalpap 4 ай бұрын

Correct! It should have been LE, I used BE which was backwards, but somehow the video still worked out without me noticing the mistake... ty :)