Post

Reverse Engineering Course (Windows)

This course will teach you how to reverse engineer software with a focus on modern Windows applications. The technical knowledge obtained in this course applies to 32-bit Windows, and the theory to any OS.

Course Navigation

Since this course is built on a website designed for blog posts, following the course may be a bit tricky. Here is a quick guide on not getting lost!

At the bottom of the page you should see options to go to the previous and next pages based on the date of their creation. I will try to date my posts so that these correspond to the next and previous lessons.

Please double check the post titles to ensure you are following the course in the correct order.

To further aid in navigation I’ve created a table of contents. You can find the table of contents here.

Also, check out the categories page in the side bar, and more specifically, the “Course” category.

Overview

The choice has been made for 64-bit Windows since it’s modern and the most common OS and architecture. In addition, we only have to deal with one calling convention.

For a more interactive experience with the initial portion of the course (chapters 1 through 6), try out the course on TryHackMe:

  1. Windows x64 Assembly
  2. Windows Reverse Engineering Intro

PDF ZIP Password

There are some PDFs created and provided in ZIP files. They may not be up to date, so it’s recommended to follow the normal markdown version of the course. The PDFs were provided due to a high number of requests for them.

The password for the ZIP files is “reverse” (without the quotes).

Before You Begin

What We’ll Do & Learn:

This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of binaries, then reverse some small samples, reverse a DLL and implement it into our own program, reverse some malware, then look at some realistic situations.

The goal is not to teach you how to smash your head against assembly. Rather, I want to teach how to use tools to enhance your skills and capabilities. For example, we will cover how to log function calls for easier analysis using a debugger or writing our own code for more control.

Why I Made This Course

Reversing is made so much harder because of the lack of resources to learn it. Most content is outdated, overpriced, hard to follow, or low quality. Reversing is already considered by many to be a difficult field to get into. Something being difficult isn’t an issue, but when it gets needlessly difficult there is an issue. After reading multiple books, countless blog posts, extensive documentation, following multiple YouTube “tutorials”, and much more, I feel like it’s time for someone to make a dedicated course. I don’t think it should be that hard to learn one topic. I certainly don’t want people to have to go through the mess I went through, so I decided to make this course. I love this field and I wanted to give back to the community. Here’s my gift to you and the rest of the community. Hopefully there are a few people out there that this course can help.

Contact/Stay Updated:

Follow me on Twitter @0xZ0F!
Discord Server: https://discord.gg/73tkPGv

Please give me any and all honest feedback you have. Don’t worry about hurting my feelings, I want to make this course as good as I can. I can’t do that alone, that’s why your feedback is so important.

The best way to stay up-to-date is to support me on Patreon which will give you access to the Patreon-only feed. The feed includes the latest updates, upcoming updates, and more.

This post is licensed under CC BY 4.0 by the author.