Beginner Reverse Engineering | Part 1: How To Find The Application Entrypoint (Main)

Science & Technology

Walking through how to get from the entry point to the main function when reverse engineering a Windows application in IDA 7.0 Freeware, plus an introduction to debug symbols.
Patreon: / malwaretech
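The video description above covers two things: how the address IDA labels `start` relates to `main`, and loading debug symbols. As an added example (not code from the video or from MalwareTech), the Python below shows where `start` actually comes from, the AddressOfEntryPoint field of the PE optional header, which points at the CRT startup stub rather than at `main`, and it reads the CodeView RSDS debug record that names the PDB a symbol-aware disassembler would look for. The sample image is hand-constructed inline; its code bytes, GUID and PDB path are made-up placeholders, and the section layout is the minimal two-section layout assumed by the builder.

```python
"""Minimal PE32/PE32+ header walker: find AddressOfEntryPoint (IDA's `start`)
and the CodeView (RSDS) record that names the PDB. The sample image is
constructed in build_sample_pe32(); nothing here is a real executable."""
import struct
import uuid

IMAGE_DEBUG_TYPE_CODEVIEW = 2
DIR_DEBUG = 6  # index of IMAGE_DIRECTORY_ENTRY_DEBUG in the data directories


def parse_pe(data):
    """Return machine, image base, entry RVA, data directories and sections."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = pe_off + 4                                           # IMAGE_FILE_HEADER
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                             # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                                        # PE32
        plus, image_base, ndirs_off = False, struct.unpack_from("<I", data, opt + 28)[0], opt + 92
    elif magic == 0x20B:                                      # PE32+
        plus, image_base, ndirs_off = True, struct.unpack_from("<Q", data, opt + 24)[0], opt + 108
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint (same offset in both)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    dirs = [struct.unpack_from("<II", data, ndirs_off + 4 + 8 * i) for i in range(ndirs)]
    sections = []
    sec = opt + opt_size
    for i in range(nsect):
        name, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sec + 40 * i)
        sections.append((name.rstrip(b"\0").decode(), va, vsize, rawptr, rawsize))
    return {"machine": machine, "pe32plus": plus, "image_base": image_base,
            "entry_rva": entry_rva, "dirs": dirs, "sections": sections}


def rva_to_offset(pe, rva):
    """Map a relative virtual address to a file offset via the section table."""
    for _name, va, vsize, rawptr, rawsize in pe["sections"]:
        if va <= rva < va + max(vsize, rawsize):
            return rawptr + (rva - va)
    raise ValueError("RVA 0x%x is not backed by any section" % rva)


def entry_point(pe):
    """(entry RVA, virtual address as IDA shows it, file offset of the first byte)."""
    rva = pe["entry_rva"]
    return rva, pe["image_base"] + rva, rva_to_offset(pe, rva)


def codeview_pdb_info(data, pe):
    """Return (GUID, age, PDB path) from the first RSDS debug entry, or None."""
    if len(pe["dirs"]) <= DIR_DEBUG or pe["dirs"][DIR_DEBUG][0] == 0:
        return None
    dir_rva, dir_size = pe["dirs"][DIR_DEBUG]
    off = rva_to_offset(pe, dir_rva)
    for i in range(dir_size // 28):                            # IMAGE_DEBUG_DIRECTORY is 28 bytes
        _, _, _, _, dtype, dsize, _, rawptr = struct.unpack_from("<IIHHIIII", data, off + 28 * i)
        rec = data[rawptr:rawptr + dsize]
        if dtype != IMAGE_DEBUG_TYPE_CODEVIEW or rec[:4] != b"RSDS":
            continue
        guid = uuid.UUID(bytes_le=rec[4:20])
        age = struct.unpack_from("<I", rec, 20)[0]
        path = rec[24:].split(b"\0", 1)[0].decode("utf-8", "replace")
        return str(guid), age, path
    return None


def build_sample_pe32(entry_rva=0x1010, pdb_path=b"C:\\build\\hello\\Release\\hello.pdb"):
    """Constructed two-section PE32 (.text @ RVA 0x1000, .rdata @ RVA 0x2000); placeholder bytes."""
    text = bytearray(0x200)
    text[0x10:0x15] = b"\xE8\x00\x00\x00\x00"                 # placeholder 'call' at the entry stub
    guid = uuid.UUID("12345678-1234-5678-1234-567812345678")   # made-up GUID
    cv = b"RSDS" + guid.bytes_le + struct.pack("<I", 3) + pdb_path + b"\0"
    rdata = bytearray(0x200)
    rdata[0:28] = struct.pack("<IIHHIIII", 0, 0, 0, 0, IMAGE_DEBUG_TYPE_CODEVIEW, len(cv), 0x2020, 0x420)
    rdata[0x20:0x20 + len(cv)] = cv
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                    # e_lfanew -> PE header right after DOS header
    file_hdr = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)                 # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                  # ImageBase
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * DIR_DEBUG, 0x2000, 28)

    def sect(name, va, raw):
        return struct.pack("<8sIIIIIIHHI", name, 0x200, va, 0x200, raw, 0, 0, 0, 0, 0x60000020)

    hdr = dos + b"PE\0\0" + file_hdr + opt + sect(b".text", 0x1000, 0x200) + sect(b".rdata", 0x2000, 0x400)
    return bytes(hdr) + bytes(0x200 - len(hdr)) + bytes(text) + bytes(rdata)


if __name__ == "__main__":
    img = build_sample_pe32()
    pe = parse_pe(img)
    rva, va, off = entry_point(pe)
    print("entry: RVA 0x%x, VA 0x%x, file offset 0x%x, first byte 0x%02x" % (rva, va, off, img[off]))
    print("CodeView:", codeview_pdb_info(img, pe))
```

To use it on a real file, replace `build_sample_pe32()` with `open(path, "rb").read()`. The printed VA is the address IDA names `start`; from there the method in the video applies: follow the startup stub to the call whose return value the stub hands on as the process exit code, and that callee is `main`. The RSDS path is also worth noting on its own, since a build machine path left in a release binary is a common analyst clue.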

Comments: 76

  • @MalwareTechBlog, 3 years ago

    Working on more content! Let me know what else you'd like to see me do a video on.

  • @henchnerd9404, 3 years ago

    Possibly on good job routes/options for cybersecurity students leaving university soon, in your opinion? Please.

  • @sameerahmad3734, 3 years ago

    Make complete lecture on Reverse Engineering beginners to advanced

  • @lolvivo8783, 3 years ago

    Same code in Ghidra? Also, what are the prerequisites for REng?

  • @internetwarrior666, 3 years ago

    Writing and exploiting an interrupt handler

  • @sergiomazariego_, 3 years ago

    Unpacking a lot of rare packers

  • @EvilSapphireR, 2 years ago

    Holy crap. I started reverse engineering about two years earlier, and I've devised so many tips and tricks and startup code pattern recognition to identify the main function over the years, but that tiny insight that the return value is actually used by the OS itself (so would have to be returned by the startup code too) is single handedly the best tip I've ever heard to pinpoint main! Game changing!

  • @Jambion, 3 years ago

    This video helped me reverse an exe for htb. After a damn year of nothing clicking, this one damn video tied everything together. Thank you!

  • @Cools2009, 1 year ago

    The first time I opened my own simple Hello World program written in C, and saw how much extra boilerplate code is added to my program for the EXE to run, I was very much blown away, and now I realize that so much of what you see in IDA is often a lot of benign machine code that doesn't do anything bad at all, knowing how to identify it probably only comes from experience.

  • @atibhiagrawal6460, 3 years ago

    I got to know about you after reading the Wired article some months ago. I am so excited to find your KZread channel. Am binge watching and following along :P Thanks a lot for doing this !!!!

  • @tuppes10, 3 years ago

    Thanks, great intro! I would love a series where you reverse progressively more complicated programs up to real life malware examples.

  • @seiv-, 3 years ago

    I would really appreciate some videos onto debuggers and dynamic analysis in general... like x64dbg, radare2 or even gdb

  • @ImagoCanis, 3 years ago

    IDA has a debugger. I wouldn't be surprised if that's where this was going. Heads up though, gdb is objectively better than r2.

  • @u00xclub, 2 years ago

    @ImagoCanis It does; however, IDA is not the best for dynamic analysis. x64dbg is way better than IDA for dynamic analysis.

  • @SangharshSeth, 3 years ago

    Thank you so much for the beginner series man. appreciate it.

  • @MattKAva, 3 years ago

    Great video just like the last, love this kind of content on your level! As for more videos in the future just keep reversing harder and harder stuff then maybe even do more specific series of stuff after more general ones, like only ELF files, or only EXE, or use Ghidra instead of Ida or even R2

  • @Dulge, 1 year ago

    This is gold, we need more RE tutorials and maybe even a x86 ASM course haha, honestly would pay for a course for malware analysis if you made one

  • @samjohn1098, 3 years ago

    Good one. Please add a walkthrough video on unpacking malware. The way you run through the concept is awesome.

  • @R3v3rso, 3 years ago

    This is a great initiative! Looking forward to more videos :)

  • @yeetyeet7070, 3 years ago

    I love your beginners videos so far

  • @KenPryor, 3 years ago

    Very helpful. Thank you for sharing your knowledge.

  • @johnsnow1062, 3 years ago

    Thank you very much. Please keep teaching dear @Marcus

  • @matthewlandry1352, 3 years ago

    Great video Marcus! So few people are on your level and your content is vital to help change that. Keep it up!

  • @matias-eduardo, 3 years ago

    Great stuff! Thank you!

  • @Sye0712, 3 years ago

    Great video thank you marcus ❤❤

  • @anishakumar1199, 3 years ago

    Would love to see a video on tips n tricks or just the steps for iOS malware analysis, as there's not a lot of content out there for it.

  • @Lebensgott, 3 years ago

    This is really interesting even for a non-cybersecurity person who is just casually programming sometimes. Edit: I would love to see more of this technical stuff... I feel like I could learn a lot from you.

  • @donovanvanderlinde3478, 3 years ago

    Thank you for the content, Marcus. Any chance you could go deep on labs? As someone starting out, I find there's a lot of conflicting info on what a proper setup is.

  • @xaza8uhitra4, 5 months ago

    Marcus, this was so sick, thank you. I realized with the free IDA it doesn't look like you can show all of the function graph items at once? But once I started clicking through the different functions I was able to find the entry point as you described, Would love more of these beginner tuts. Question, how much better is IDA than Ghidra in your opinion?

  • @konstantinrebrov675, 8 months ago

    Thank you Marcus.

  • @jiteshkanojia6824, 3 years ago

    I tried doing this a couple of days ago, reversing a hello world program, but got overwhelmed by all the assembly and the control flow charts :P Thanks Marcus, ty for this.

  • @dencam, 3 years ago

    Thank you for sharing this. Please share ways of manipulating packets on a network.

  • @CoreDreamStudios, 1 year ago

    For some reason, when I follow the same procedure you did, IDA automatically shows the main function, not sure how... I did say no to symbols. Also, gave you a sub. :)

  • @blameItleaveit, 3 years ago

    Can you please create a playlist or course for reverse engineering? It would be really helpful. Thank you.

  • @ivankrupskyi8984, 3 years ago

    The BEST!

  • @localcomputernerd8408, 2 years ago

    I would really appreciate some videos on how to be a researcher and malware analysis!

  • @yeetyeet7070, 3 years ago

    Do you use radare? would love to see you with all those powerful tools

  • @exploitingcodes756, 2 years ago

    Can you dynamically load the binary and pause on entry point the same as in x64dbg?

  • @serialkiller8783, 3 years ago

    Honestly, which OS do you spend your time with the most? I know there's nothing like "best", and one can choose his OS and set up tools in it. So just an overall question, and if Windows, why?

  • @nikos4677, 3 years ago

    When is the next tutorial going to be released?

  • @zuberkariye2299, 3 years ago

    Zoom in on the code a little bit. Also, can you do a video on how you set up this environment for beginners, so we can follow along? Thanks.

  • @MalwareTechBlog, 3 years ago

    The environment is just a Windows system with Visual Studio + IDA Freeware installed

  • @undefined101, 10 months ago

    Question: Does the _start function really return? An application must call some api to exit itself, so probably should find _exit function or something similar? Also, I think in x64 the return value is still stored in eax, not rax, because int type is still 32bits in x64. Of course it is a great method and indeed works.

  • @zehraarshadmulla9976, 8 months ago

    I have made a C++ exe in VS, but when I load it in IDA Pro and go to exports to see my main entry, I have different branches compared to this video. I have written the same code.

  • @wowowowoooww, 3 years ago

    You can make one of those reaction vids, like "hacker reacts to hacking in films" or "hacker reacts to Watch Dogs"; this kind of video always gets a lot of views.

  • @helloworld-oi6fi, 2 years ago

    Why are there so many functions when you load the symbols? Is that all standard library stuff?

  • @user-fp4cw7vl3n, 6 months ago

    Hello, can you help with decompiling already hacked software?

  • @fade8148, 3 years ago

    Go on, bro.

  • @zxcvb_bvcxz, 3 years ago

    How much of that CRT startup code is actually needed? I know there's ways to compile without it but it seems like there's a *lot* there.

  • @yashkanojiya9216, 3 years ago

    Thanks.

  • @_daniel.w, 2 years ago

    Was trying this with 64-bit and couldn't figure it out; 32-bit is a lot easier. I know there's a big difference between the two, I'll have to have a look.

  • @redbox360, 3 years ago

    Did I miss something? What if it's void main?

  • @onuricen2624, 3 years ago

    Noice!

  • @pen1051, 3 years ago

    mov S, D Move source to destination

  • @BigBoss-wb4ux, 3 months ago

    How to find gname gworld

  • @crack8160, 3 years ago

    Is this the malware dude from Twitter?

  • @mdtazmir7924, 3 years ago

    Brother, need a video on how to crack software.

  • @daviddelille1443, 3 years ago

    Good video. +1 on the text being too small.

  • @Antagon666, 9 months ago

    F*ck windows. i just spent 2 hours reverse engineering CRT entry point and some functions, because I thought it was the actual code.

  • @NurdRage777, 3 years ago

    findOEP.cpp

  • @deltakid0, 3 years ago

    Please decrease your screen resolution, probably down to 800x600, since in my case I usually watch videos on my ~5.5 inch smartphone and the problem is that reading is impossible because the fonts are too small; this could probably extend to most of your audience. Thank you.

  • @MalwareTechBlog, 3 years ago

    I can maybe do 720p, but 800x600 is way too low resolution to record at. The videos are meant to be viewed full screen on a computer so you can follow along.

  • @tyrannosaurus_x, 3 years ago

    Wouldn't just increasing DPI solve the problem?

  • @MalwareTechBlog, 3 years ago

    A lot of software ignores the DPI settings

  • @ivankrupskyi8984, 3 years ago

    @MalwareTechBlog Idk, for me on a 1920x1080 15.6" laptop it's perfectly fine... Keep going mate, you are very informative! Thank you!

  • @tyrannosaurus_x, 3 years ago

    @MalwareTechBlog Ah. That's a bummer.

  • @internetwarrior666, 3 years ago

    Ngl I understood nothing.
