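[Reverse Engineering Notes] GitHub: Awesome-Hacking (Hacker Skills List: Reverse Engineering)
0 Motivation
This hacker skills list on GitHub is very good and covers many areas of security. For now, though, I only follow reverse engineering and malicious code, so the other areas are skipped for the time being.
I am grateful for the author's hard work, but I do not intend to copy and paste the whole list. Going through it item by item is a way to pick out, from a large pool of resources, the ones I find most practical.
Awesome-Hacking
https://github.com/Hack-with-Github/Awesome-Hacking
Awesome Hacking series: Reversing
- Reversing: books, training, hands-on practice, tools and more for reverse engineering
https://github.com/tylerhalfpop/awesome-reversing
1 Reverse Engineering
The awesome-reversing list of reverse engineering resources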
2.1 Books
Reverse engineering books
- The IDA Pro Book (Chinese edition: 《IDA Pro权威指南(第2版)》)
- Reverse Engineering for Beginners (Chinese edition: 《逆向工程权威指南》)
- Assembly Language for Intel-Based Computers (5th Edition) (Chinese edition: 《Intel汇编语言程序设计(第五版)》)
- Practical Reverse Engineering (Chinese edition: 《逆向工程实战》)
- Reversing: Secrets of Reverse Engineering (Chinese edition: 《Reversing:逆向工程揭密》)
- Practical Malware Analysis (Chinese edition: 《恶意代码分析实战》)
- Malware Analyst's Cookbook (Chinese edition: 《恶意软件分析诀窍与工具箱》)
- Gray Hat Hacking (Chinese edition: 《灰帽黑客》)
- The Art of Memory Forensics
- Hacking: The Art of Exploitation (Chinese edition: 《黑客之道:漏洞发掘的艺术》)
- Fuzzing for Software Security
- Art of Software Security Assessment
- The Antivirus Hacker's Handbook
- The Rootkit Arsenal (Chinese edition: 《Rootkit:系统灰色地带的潜伏者》)
- Windows Internals, Part 1 and Part 2 (Chinese edition: 《深入解析Windows操作系统》)
- Inside Windows Debugging
- iOS Reverse Engineering (Chinese edition: 《iOS逆向工程》)
- The Shellcoders Handbook
- A Guide to Kernel Exploitation
- Agner's software optimization resources
2.2 Courses
Reverse engineering courses
- Lenas Reversing for Newbies
https://tuts4you.com/download.php?list.17
- Open Security Training
http://opensecuritytraining.info/Training.html
- Dr. Fu's Malware Analysis
http://fumalwareanalysis.blogspot.sg/p/malware-analysis-tutorials-reverse.html
- Binary Auditing Course
http://www.binary-auditing.com/
- TiGa's Video Tutorials
http://www.woodmann.com/TiGa/
- Legend of Random
https://tuts4you.com/download.php?list.97
- Modern Binary Exploitation
http://security.cs.rpi.edu/courses/binexp-spring2015/
- RPISEC Malware Course
https://github.com/RPISEC/Malware
- SANS FOR 610 GREM
https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques/Type/asc/all
- REcon Training
https://recon.cx/2015/training.html
- Blackhat Training
https://www.blackhat.com/us-16/training/
- Offensive Security
https://www.offensive-security.com/information-security-training/
- Corelan Training
https://www.corelan-training.com/
- Offensive and Defensive Android Reversing
https://github.com/rednaga/training/raw/master/DEFCON23/O%26D%20-%20Android%20Reverse%20Engineering.pdf
- Reverse Engineering Malware 101
https://securedorg.github.io/RE101/
- ARM Assembly Basics
https://azeria-labs.com/writing-arm-assembly-part-1/
2.3 Practice
Practice reverse engineering. Be careful with malware.
- Crackmes.de
http://www.crackmes.de/
- OSX Crackmes
https://reverse.put.as/crackmes/
- ESET Challenges
http://www.joineset.com/jobs-analyst.html
- Flare-on Challenges
http://flare-on.com/
- Github CTF Archives
http://github.com/ctfs/
- Reverse Engineering Challenges
http://challenges.re/
- xorpd Advanced Assembly Exercises
http://www.xorpd.net/pages/xchg_rax/snip_00.html
- Virusshare.com
http://virusshare.com/
- Contagio
http://contagiodump.blogspot.com/
- Malware-Traffic-Analysis
https://malware-traffic-analysis.com/
- Malshare
http://malshare.com/
- Malware Blacklist
http://www.malwareblacklist.com/showMDL.php
- malwr.com
https://malwr.com/
- vxvault
http://vxvault.net/
2.4 Hex Editors
- 010 Editor
http://www.sweetscape.com/010editor
- Hex Workshop
http://www.hexworkshop.com
- HexFiend
http://ridiculousfish.com/hexfiend
- Hiew
http://www.hiew.ru
2.5 Binary Format
- CFF Explorer
http://www.ntcore.com/exsuite.php
- Cerbero Profiler
http://cerbero.io/profiler/
- Lite PE Insider
http://cerbero.io/peinsider/
- Detect It Easy
http://ntinfo.biz/
- PeStudio
http://www.winitor.com/
- MachoView
https://github.com/gdbinit/MachOView
- nm - View Symbols
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nm.1.html
- file - File information
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/file.1.html
- codesign - Code signing information. Usage: codesign -dvvv filename
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/codesign.1.html
2.6 Disassemblers
- Binary Ninja
https://binary.ninja/
- Radare
http://www.radare.org/r/
- Hopper
http://hopperapp.com/
- Capstone
http://www.capstone-engine.org/
2.7 Binary Analysis
- Mobius Resources
http://www.msreverseengineering.com/research/
2.8 Bytecode Analysis
- Bytecode Viewer
https://bytecodeviewer.com/
- Bytecode Visualizer
http://www.drgarbage.com/bytecode-visualizer/
- JPEXS Flash Decompiler
https://www.free-decompiler.com/flash/
2.9 Import Reconstruction
Import table reconstruction tools
- ImpRec
http://www.woodmann.com/collaborative/tools/index.php/ImpREC
- LordPE
http://www.woodmann.com/collaborative/tools/images/Bin_LordPE_2010-6-29_3.9_LordPE_1.41_Deluxe_b.zip
3.0 Dynamic Analysis
- ProcessHacker
http://processhacker.sourceforge.net/
- Process Explorer
https://technet.microsoft.com/en-us/sysinternals/processexplorer
- Process Monitor
https://technet.microsoft.com/en-us/sysinternals/processmonitor
- Autoruns
https://technet.microsoft.com/en-us/sysinternals/bb963902
- Noriben
https://github.com/Rurik/Noriben
- API Monitor
http://www.rohitab.com/apimonitor
- iNetSim
http://www.inetsim.org/
- Wireshark
https://www.wireshark.org/download.html
- Fakenet
http://practicalmalwareanalysis.com/fakenet/
- netzob
https://www.netzob.org/
- Volatility
https://github.com/volatilityfoundation/volatility
- LiME
https://github.com/504ensicsLabs/LiME
- Cuckoo
https://www.cuckoosandbox.org/
- Objective-See Utilities
https://objective-see.com/products.html
- dtrace - sudo dtruss = strace; dtrace recipes
http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/
http://mfukar.github.io/2014/03/19/dtrace.html
- fs_usage - report system calls and page faults related to filesystem activity in real-time. File I/O: fs_usage -w -f filesystem
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/fs_usage.1.html
- dmesg - display the system message buffer
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/dmesg.8.html
3.1 Debugging
- WinDbg
https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx
- OllyDbg v1.10
http://www.ollydbg.de/
- OllyDbg v2.01
http://www.ollydbg.de/version2.html
- OllySnD
https://tuts4you.com/download.php?view.2061
- Olly Shadow
https://tuts4you.com/download.php?view.6
- Olly CiMs
https://tuts4you.com/download.php?view.1206
- Olly UST_2bg
https://tuts4you.com/download.php?view.2816
- x64dbg
http://x64dbg.com/#start
- gdb
https://www.gnu.org/software/gdb/
- vdb
https://github.com/vivisect/vivisect
- lldb
http://lldb.llvm.org/
- qira
http://qira.me/
- unicorn
https://github.com/unicorn-engine/unicorn
3.2 Mac Decrypt
- Cerbero Profiler - Select all -> Copy to new file
http://cerbero-blog.com/?p=1311
- AppEncryptor - Tool for decrypting
https://github.com/AlanQuatermain/appencryptor
- Class-Dump - use deprotect option
http://stevenygard.com/projects/class-dump/
- readmem - OS X Reverser's process dumping tool
https://github.com/gdbinit/readmem
3.3 Document Analysis
- Ole Tools
http://www.decalage.info/python/oletools
- Didier's PDF Tools
http://blog.didierstevens.com/programs/pdf-tools/
- Origami
https://github.com/cogent/origami-pdf
3.4 Scripting
- IDA Python Src
https://github.com/idapython/src
- IDC Functions Doc
https://www.hex-rays.com/products/ida/support/idadoc/162.shtml
- Using IDAPython to Make your Life Easier
http://researchcenter.paloaltonetworks.com/tag/idapython/
- Introduction to IDA Python
https://tuts4you.com/download.php?view.3229
- The Beginner's Guide to IDA Python
https://leanpub.com/IDAPython-Book
- IDA Plugin Contest
https://www.hex-rays.com/contests/
- onethawt IDA Plugin List
https://github.com/onethawt/idaplugins-list
- pefile Python Library
https://github.com/erocarrera/pefile
3.5 Android
- Android Developer Studio
http://developer.android.com/sdk/index.html
- APKtool
http://ibotpeaches.github.io/Apktool/
- dex2jar
https://github.com/pxb1988/dex2jar
- Bytecode Viewer
https://bytecodeviewer.com/
- IDA Pro
https://www.hex-rays.com/products/ida/index.shtml
3.6 Yara
References
- 1. GitHub, recommended with over ten thousand stars: a technical checklist for growing as a hacker
http://www.4hou.com/info/news/7061.html