Contents

Getting your fill of Reverse Engineering and Malware Analysis

mubix included in reverse-engineering

2009-06-12 357 words 2 minutes

Contents

Matt, from the Exotic Liability forums, posed a suggestion for a episode: “Getting started [in] reverse engineering hardware drivers?”. I thought this was an interesting topic to attack so, I dug a bit into my RSS feed pile of goo and compiled this list of links. Hope this helps Matt.

Individuals —

Skywing - http://www.nynaeve.net/
Egypt - http://0xegypt.blogspot.com/
Yoni - http://blogs.msdn.com/michael_howard/
Raymond Chen - http://blogs.msdn.com/oldnewthing/
Sia0 - http://blogs.msdn.com/michkap/
Rob P - http://geekswithblogs.net/robp/Default.aspx
Quantam - http://qstuff.blogspot.com/
Phn1x - http://hamsterswheel.com/techblog/
Halavar Flake - http://addxorrol.blogspot.com/
Pedram - http://pedram.redhive.com/blog
Tyler Shields - http://www.donkeyonawaffle.org/
Wesley Shields - http://www.atarininja.org/
Peter Wieland - http://blogs.msdn.com/peterwie/
Michael Howard - http://blogs.msdn.com/michael_howard/
Doron Holan - http://blogs.msdn.com/doronh/
Nico Waisman - http://eticanicomana.blogspot.com/
Dmitry Vostokov - http://www.dumpanalysis.org/blog/
Nicolas Sylvain - http://nsylvain.blogspot.com/
Alex Ionescu - http://www.alex-ionescu.com/
Mattheiu Suiche - http://www.msuiche.net/
Larry Osterman - http://blogs.msdn.com/larryosterman/
Koby Kahane - http://kobyk.wordpress.com/
Jason Geffner - http://malwareanalysis.com/communityserver/blogs/geffner/default.aspx
Ero Carrera - http://blog.dkbza.org/
Dino Dai Zovi - http://blog.trailofbits.com/
Ilja - http://blogs.23.nu/ilja/
Nate Lawson - http://rdist.root.org/
Mark Russinovich - http://blogs.technet.com/markrussinovich/
Jose Nazario - http://www.wormblog.com/
Jonathan Morrison - http://blogs.msdn.com/itgoestoeleven/
John Robbins - http://www.wintellect.com/cs/blogs/jrobbins/default.aspx
Ilias Tsigkogiannis - http://blogs.msdn.com/iliast/
Daniel Reynaud - http://indefinitestudies.org/
Joanna Rutkowska - http://theinvisiblethings.blogspot.com/
Matthieu Kaczmarek - http://www.loria.fr/~kaczmare/index.en.htm
Silvio Cesare - http://silviocesare.wordpress.com/
Philippe Beaucamps - http://www.loria.fr/~beaucphi/
Debugging Toolbox - http://blogs.msdn.com/debuggingtoolbox/
Fravia’s saved works (RIP) - http://www.woodmann.com/fravia/index.htm

Groups —

Offensive Computing - http://www.offensivecomputing.net/
The Cover of Night - http://www.thecoverofnight.com/blog/
LHS - http://lhs.loria.fr/
NT Debugging - http://blogs.msdn.com/ntdebugging/
Hex Blog - http://www.hexblog.com/
Engineering for Fun - http://blog.engineeringforfun.com/

Company —

OpenRCE - http://www.openrce.org/articles/
DV Labs - http://dvlabs.tippingpoint.com/blog/
Matasano - http://www.matasano.com/log/
VeraCode - http://www.veracode.com/blog/
Trend Micro - http://blog.trendmicro.com/

Forums —

Reverse Engineering - http://community.reverse-engineering.net/index.php
OpenRCE - http://www.openrce.org/forums/
Assembly Forums - http://www.asmcommunity.net/board/

Sandboxing and Analysis —

Joe Box - http://www.joebox.org/
Virus Total - http://www.virustotal.com/
Wepawet - http://wepawet.cs.ucsb.edu/
F-Secure -http://www.f-secure.com/en_US/security/security-lab/
Anubis - http://anubis.iseclab.org/
Jotti - http://virusscan.jotti.org/en
Sunbelt CWSandbox - http://www.sunbeltsecurity.com/Submit.aspx?type=cwsandbox&cs=A41CD150B37359889A553671CBFD2360

Misc —

Code Breakers Journal - http://www.codebreakers-journal.com/
The Art of Assembly - http://webster.cs.ucr.edu/AoA/DOS/AoADosIndex.html
Intel Processor Instruction Set A-M/N-Z - http://www.intel.com/products/processor/manuals/
WASM.ru with translation - http://66.196.80.202/babelfish/translate_url_content?lp=ru_en&url=http://www.wasm.ru&.intl=us

Update on 2009-10-11 06:27 by Rob Fuller

The Malware Distribution Project posted a comment a while back letting us know of their project so that it could be added to the list:

MD:Pro - http://frame4.net/

And their ‘more up-to-date’ Fravia archive: http://fravia.frame4.com/