Reverse Engineering

I always liked playing around with reverse engineering tools to try and figure out some crackme challenges in Capture The Flag events. I, however, was never any good at it.

Last year I followed a Malware Reverse Engineering course given by Kaspersky Labs. I found out I had a natural intuition for the basic process, and soon after I became a Kaspersky Lab Certified Instructor for the Malware Reverse Engineering course.

Reverse Engineering Virtual Machine

When I teach the material to other students, I need a virtual machine with all the required tools. There are several virtual machines already available, such as FlareVM from FireEye, which will bootstrap an entire VM for your reversing needs.

Although I tend to use only a subset of the packages available in this distribution, I can fully recommend it to get you started.

Android

One of the more fun things I started exploring has been reversing mobile applications, specifically for Android.

I started building a script to create a reproducible environment with all the tools needed. Some of the tools I use are:

Larger Toolkits

MARA
Mobile Application Reverse engineering and Analysis Framework
Mobile Security Framework (MobSF)
(Android/iOS) Automated Pentesting Framework
Drozer
Security Assessment Framework for Android Applications
Android Studio
IDE for Android application development

Static Analysis

Radare2
Unix-like reverse engineering framework and command-line tools
ByteCodeViewer
Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)
Apktool
Reverse engineering Android APKs

Dynamic Analysis

Frida
Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.
Burp Suite
Assessing application security
Wireshark
Network protocol analyzer

Vulnerability scanners

AndroBugs Framework
Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications
Qark
Tool to look for several security-related Android application vulnerabilities