X64 Assembly Language And Reverse Engineering Practicals
Published 3/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 10.76 GB | Duration: 12h 52m
Published 3/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 10.76 GB | Duration: 12h 52m
Understand x64 (64-bit) assembly code and apply knowledge to reversing x86 and x64 programs
What you'll learn
x64 (64-bit) Assembly Language
Reverse Engineering
x64dbg debugging
Modifying programs
Injecting code into 64-bit exe files
Hollowing out 64-bit exe files
64-bit registers
64-bit memory read and write access
x64 calling conventions
Creating x64 functions
Password phishing without strings
Creating keygens
Reversing program code logic
Trace highlighting and animation
Stack manipulation
Comment tracing debug technique
Hooking WinAPI debug technique
File Patching
Enabling disabled buttons
Removing Nag Screens
Deep Tracing to Phish out passwords
Loop tracing techniques
Defeating Anti-Debugger protection
Reversing binary without strings
Using Python to write Loaders and Memory Patcher
Reversing Software Protected Binary without unpacking
and more . . .
Requirements
Completed the first course in this series: Assembly Language Programming for Reverse Engineering
Windows OS running Intel x86_86 architecture
Oracle VirtualBox Running Windows 10 or 11 virtual machine
Description
If you've been using debuggers to reverse-engineer programs and wish you had a better understanding of Assembly Language, or if you're just looking to learn Assembly Language in a fun and exciting way, then this course is for you. Embark on a journey to master the intricacies of x64 assembly language with this specialized course, designed for those aiming to elevate their reverse engineering skills. This is the second course in this series after the first one: Assembly Language Programming for Reverse Engineering. In that earlier course the focus was on x86 basics where we covered 32-bit assembly. In this course, we continue the journey by learning x64 (64-bit assembly). In the second half of this course, we will apply all the knowledge from the first course, as well as new insights from this course, to hands-on reverse-engineering exercises with executable binaries. Taking the first course is preferable but not mandatory. You could just jump straight into this x64 course and learn the differences with x86 as you go along.While traditional assembly language courses focus on writing code from scratch using assemblers like NASM or FASM, they often leave a knowledge gap when it comes to applying that expertise to real-world reverse engineering. This course is tailored to fill this gap, providing you with the knowledge to modify and extend the functionality of existing 32-bit and 64-bit applications.Utilizing the powerful x64dbg debugger, we'll bypass the traditional assemblers to teach you assembly language in the context it's most used in the field: directly within the debugging environment. This is also known as the hacker's perspective to assembly language. This hands-on approach ensures that you learn by doing, which is critical for effectively reverse engineering and manipulating software.This black art is not widely taught and there are no existing courses elsewhere that put together coherently all the knowledge of assembly and reverse engineering in one place. More often than not, courses on Assembly and Reverse Engineering are offered separately. Many courses on Reverse Engineering don't cover the background assembly language from a software hacker's perspective. Moreover, almost all Assembly Language courses focus on writing programs from scratch rather than modifying existing programs to add new functionality with your own code using a debugger like x64dbg.In this course, you will learn to:- Navigate and utilize the x64dbg debugger- Analyze and alter x64 executable files to inject custom code.- Harness data, executable and memory segments to expand program capabilities.- Develop new functions within existing applications for added functionality.- Understand the x64 Microsoft Calling conventions and Stack Frames.- Directly manipulate memory data segment- Bypass string encryption - Deep tracing to retrieve data and passwords- Use Python to patch process memory- Modify packed programs without unpackingand more . . .Features of this course:This course is oriented towards practical applicationsNo lengthy, dull theoretical lecturesFirst half of this course: Learn x64 Assembly Language through the x64dbg debuggerSecond half of this course: Practice reversing, tracing, extracting data, memory hacking, and modifying executable binariesLearning Objectives:By the end of this course, you will have a thorough understanding of x64 assembly language from a reverse engineer's perspective, a skill set that is rare and highly sought after in fields like cybersecurity, malware analysis, and software development.Whether you're a security researcher, a malware analyst, a student of software security, or a programmer looking to deepen your understanding of software internals, this course is your stepping stone to becoming proficient in the 'black art' of assembly language and reverse engineering.Enroll now to gain this competitive edge and take your skills to the next level. Let's unravel the complexities of x64 together. I look forward to guiding you through every step of this exciting journey! See you inside!
Overview
Section 1: Introduction
Lecture 1 Introduction
Lecture 2 Installing Virtual Machine and x64dbg
Section 2: Intro to x64 architecture
Lecture 3 Why use a Debugger for learning Assembly Language
Lecture 4 x64 instructions
Section 3: Your First Program
Lecture 5 Write your first instruction
Section 4: Accessing Memory
Lecture 6 Storing number constants in memory
Lecture 7 Storing string constants in memory
Lecture 8 Creating variables
Section 5: Add Instructions
Lecture 9 How to zero out a register using XOR
Lecture 10 ADD instructions
Section 6: Partial MOV instructions
Lecture 11 Creating a new template
Lecture 12 Partial MOV instructions
Section 7: PUSH and POP instructions
Lecture 13 Basics of PUSH and POP
Lecture 14 Exercise on PUSH and POP
Section 8: MOV Instructions
Lecture 15 Intro to MOV Instructions
Lecture 16 Practical on MOV Instructions
Section 9: XCHG Instructions
Lecture 17 XCHG Instruction
Lecture 18 XCHG Memory
Section 10: INC, DEC, NEG, ADD and SUB
Lecture 19 INC and DEC
Lecture 20 NEG
Lecture 21 ADD and SUB
Section 11: Register Flags
Lecture 22 Intro to the Register Flags
Lecture 23 CF Flag
Lecture 24 OF Flag
Lecture 25 SF Flag
Lecture 26 ZF Flag
Section 12: Bitwise Logical Operations
Lecture 27 Introduction to Bitwise Logical Operations
Lecture 28 AND Operations
Lecture 29 OR Operations
Lecture 30 XOR Operations
Lecture 31 Flags Register
Lecture 32 NOT Operation
Section 13: Jump Instructions
Lecture 33 Introduction to Jumps
Lecture 34 JMP Instructions
Lecture 35 TEST Instructions
Lecture 36 CMP Instructions
Lecture 37 Conditional Jumps
Lecture 38 Signed Conditional Jumps
Lecture 39 Implementing If Statements
Lecture 40 Implementing If-Else Statements
Lecture 41 Multiple IF tests
Lecture 42 WHILE Loops
Lecture 43 DO-WHILE Loops
Section 14: Memory Arrays
Lecture 44 Introduction to arrays in x64dbg
Lecture 45 Looping through an array
Lecture 46 LEA Instructions
Section 15: MUL and DIV instructions
Lecture 47 MUL instructions
Lecture 48 DIV Instructions
Lecture 49 IMUL Instructions
Section 16: Creating Functions
Lecture 50 The Stack
Lecture 51 Creating Stackframes, CALL and RET instructions
Lecture 52 Calling Conventions
Lecture 53 Simple Function Call with 4 args and no local variables
Lecture 54 Function Call with 4 args and 4 local variables
Lecture 55 Function Call with 5 args
Lecture 56 Function Call with 6 args
Lecture 57 Function Call with 7 args
Section 17: Practicals on Reverse Engineering
Lecture 58 Introduction to the Practicals
Lecture 59 How to check exe type
Section 18: Phishing for Passwords
Lecture 60 Phishing for Passwords
Section 19: How to reverse a jump and patch the file
Lecture 61 How to reverse a jump and patch the file
Section 20: The Comment Tracing method
Lecture 62 The Comment Tracing method
Section 21: Patch exe to change password
Lecture 63 How to directly access memory to modify password and patch the exe file
Section 22: GUI Crackme Techniques
Lecture 64 Enabling a disabled greyed out button
Lecture 65 How to remove a Nag Message Box
Lecture 66 Patching to accept any serial key and also to modify the message box
Section 23: Deep Tracing Username and Password
Lecture 67 Tracing username
Lecture 68 Tracing password
Section 24: Tracing EAX values and Stepping into Calls
Lecture 69 Tracing EAX values
Lecture 70 Patching to show the Right Message
Section 25: Get the password
Lecture 71 Tracing EAX values to get password
Lecture 72 Patching to show Congrats message
Section 26: Loop Tracing Long Passwords
Lecture 73 Loop Tracing Part 1
Lecture 74 Loop Tracing Part 2
Lecture 75 Loop Tracing Part 3
Lecture 76 Identifying multiple patching options to always show the good message
Section 27: Loop Tracing GUI Crackme
Lecture 77 Loop Tracing Registration Number - Part 1
Lecture 78 Loop Tracing Registration Number - Part 2
Lecture 79 Proper way to patch MessageBox
Section 28: Comment Tracking Techniques
Lecture 80 Comment Tracking Technique - Part 1
Lecture 81 Comment Tracking Technique - Part 2
Lecture 82 Patching To Show the Good Message
Section 29: How to Create Keygens
Lecture 83 Creating a Self-Keygen
Lecture 84 Modifying MessageBox Caption using CodeCaves
Section 30: How to Create Keygens even though no Error MessageBox is shown
Lecture 85 Phishing for the Serial
Lecture 86 Improvise an alternative MessageBox to show serial key
Section 31: Fast Tracing by Toggling ZF flag
Lecture 87 Fast Tracing by Toggling the ZF flag
Lecture 88 Patching Multiple Jumps with Block NOPs
Section 32: Removing Recurrent Nags and Defeating Anti-Debugger Protection
Lecture 89 Installing Process Hacker
Lecture 90 Behaviour Analysis
Lecture 91 Defeating Anti-Debugger and Killing the 1st Nag
Lecture 92 Killing the 2nd Nag and Avoiding Patching Relocation Memory
Lecture 93 Killing 3rd Nag and Using Intermodular Exit API to Quit
Section 33: Self-Keygen Using Data Segment with printf Function
Lecture 94 Tracing the algorithm for key generation
Lecture 95 Inject own printf function from within an exe to print out serial key
Section 34: Tracing length of secret code and analyzing x64 Fastcall Parameters
Lecture 96 Behaviour Analysis
Lecture 97 Tracing length of secret code
Lecture 98 Analyzing x64 Fastcall Parameters
Section 35: Bypassing Encryption
Lecture 99 Behaviour Analysis
Lecture 100 Bypassing encryption by analyzing CMP instructions
Lecture 101 Bypassing encryption by patching
Section 36: Bypass UPX protection
Lecture 102 Debug a UPX packed binary
Lecture 103 Phish for password without using string search
Lecture 104 Patch memory with Python
Students who have completed my first course in this series: Assembly Language Programming for Reverse Engineering,Anyone who already know x86 Assembly (32-bit) and want to learn x64 (64-bit) Assembly from a hacker's perspective,Security researchers