Search the Community

This book provides the back­ground knowledge and practical foundations you’ll need in order to master internal Linux program structure and behavior. It consists of practical step-by-step exercises of increasing complexity with explanations and ample diagrams. You’ll also work with the GDB debugger and use it for disassembly and reversing. By the end of the book, you will have a solid understanding of how Linux C and C++ compilers generate binary code. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code. Foundations of Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of ARM64 Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity What You'll Learn Review the basics of x64 assembly language Examine the essential GDB debugger commands for debugging and binary analysis Study C and C++ compiler code generation with and without compiler optimizations Look at binary code disassembly and reversing patterns See how pointers in C and C++ are implemented and used Download Link -> [Hidden Content]

Gain a solid understanding of how Linux C and C++ compilers generate binary code. This book explains the reversing and binary analysis of ARM64 architecture now used by major Linux cloud providers and covers topics ranging from writing programs in assembly language, live debugging, and static binary analysis of compiled C and C++ code. It is ideal for those working with embedded devices, including mobile phones and tablets. Using the latest version of Red Hat, you'll look closely at the foundations of diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems. You'll also work with the GDB debugger and use it for disassembly and reversing. This book uses practical step-by-step exercises of increasing complexity with explanations and many diagrams, including some necessary background topics. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code. And as you'll see, memory forensics, malware, and vulnerability analysis, require an understanding of ARM64 assembly language and how C and C++ compilers generate code, including memory layout and pointers. This book provides the background knowledge and practical foundations you’ll need to understand internal Linux program structure and behavior. Foundations of ARM64 Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity. What You'll Learn Review the basics of ARM64 assembly language Examine the essential GDB debugger commands for debugging and binary analysis Study C and C++ compiler code generation with and without compiler optimizations Look at binary code disassembly and reversing patterns See how pointers in C and C++ are implemented and used Who This Book Is For Software support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without ARM64 assembly language background, and beginners learning Linux software reverse engineering techniques. [Hidden Content]

Review topics ranging from Intel x64 assembly language instructions and writing programs in assembly language, to pointers, live debugging, and static binary analysis of compiled C and C++ code. This book is ideal for Linux desktop and cloud developers. Using the latest version of Debian, you’ll focus on the foundations of the diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems, memory forensics, malware, and vulnerability analysis. This requires an understanding of x64 Intel assembly language and how C and C++ compilers generate code, including memory layout and pointers. This book provides the back­ground knowledge and practical foundations you’ll need in order to master internal Linux program structure and behavior. It consists of practical step-by-step exercises of increasing complexity with explanations and ample diagrams. You’ll also work with the GDB debugger and use it for disassembly and reversing. By the end of the book, you will have a solid understanding of how Linux C and C++ compilers generate binary code. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code. Foundations of Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of ARM64 Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity. What You'll Learn Review the basics of x64 assembly language Examine the essential GDB debugger commands for debugging and binary analysis Study C and C++ compiler code generation with and without compiler optimizations Look at binary code disassembly and reversing patterns See how pointers in C and C++ are implemented and used Who This Book Is For Software support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without Intel x64 assembly language background, beginners learning Linux software reverse engineering techniques, and engineers coming from non-Linux environments. [Hidden Content] [hide][Hidden Content]]

Foundations of ARM64 Linux Debugging, Disassembling, and Reversing: Analyze Code, Understand Stack Memory Usage, and Reconstruct Original C/C++ Code with ARM64 1st ed. Edition Gain a solid understanding of how Linux C and C++ compilers generate binary code. This book explains the reversing and binary analysis of ARM64 architecture now used by major Linux cloud providers and covers topics ranging from writing programs in assembly language, live debugging, and static binary analysis of compiled C and C++ code. It is ideal for those working with embedded devices, including mobile phones and tablets. Using the latest version of Red Hat, you'll look closely at the foundations of diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems. You'll also work with the GDB debugger and use it for disassembly and reversing. This book uses practical step-by-step exercises of increasing complexity with explanations and many diagrams, including some necessary background topics. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code. And as you'll see, memory forensics, malware, and vulnerability analysis, require an understanding of ARM64 assembly language and how C and C++ compilers generate code, including memory layout and pointers. This book provides the background knowledge and practical foundations you’ll need to understand internal Linux program structure and behavior. Foundations of ARM64 Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity. What You'll Learn Review the basics of ARM64 assembly language Examine the essential GDB debugger commands for debugging and binary analysis Study C and C++ compiler code generation with and without compiler optimizations Look at binary code disassembly and reversing patterns See how pointers in C and C++ are implemented and used Who This Book Is For Software support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without ARM64 assembly language background, and beginners learning Linux software reverse engineering techniques. [Hidden Content] [hide][Hidden Content]]

MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch Genre: eLearning | Language: English + srt | Duration: 127 lectures (26h 27m) | Size: 18.4 GB This course has everything you need to master Windbg as well as, debugging and reverse engineering Windows OS using it What you'll learn Advanced Windows Debugging Windbg Windows internals Dump Analysis Post-mortem debugging Core dump analysis in windows Debugging system crash Debugging BSOD Debugging process hang Debebugging system hang Reverse Engineering Malware Analysis Debugging Slow Systems Debugging Slow Applications Windows Usermode internals Windows Kernel mode internals Requirements C programming 1 to 2 year of IT experience on Windows Description Have you ever felt your windows operating system is hung or becoming slow or having a BSOD? Or an application crash or application hang or slow on windows? Have you had to press the restart button of your PC or the windows server to get rid of the problem and had no clue when that issue will happen again? Or you're asked to analyse a memory dump of a compromised system for isolating a malware?. If that bothers you, this training is all about root causing and solving such complicated issues once and for all, among many other topics it covers. Windbg is the single most powerful, debugging and reverse engineering tool in windows platform. Windbg is like an x-ray plus mri plus ct scan for programs running on windows operating system, including the operating system itself. It helps us to root cause complicated problems like we discussed in windows ( OS ) and programs running inside the operating system. Just like the name implies this training has all the details which you need to master windbg. I have spent all my efforts to make sure this is the best and most complete windbg training available right now and I will keep adding topics to make sure that the statement is true in the future as well. Targeted audience Due to any reason, if you are trying to use or learn windbg, you already know what you're doing and there is no better place than this course. If you have been following my youtube series, this course is a complete super set of it. Being said that following are some of the categories of students to whom, I strongly recommend this course. Support engineers If you are a support engineer or Escalation Engineer who is supporting any product on windows, or Windows itself, I definitely recommend this course. Malware analyst and cyber security professionals. If you are into core cyber security especially on windows platform this tool should be definitely in your arsenal. When it comes to reverse engineering, I myself don't prefer to compare ida pro or any other similar tool with windbg but I always found windbg is one of the most, if not THE most powerful and productive tool when it comes to reverse engineering along with debugging. Windows SysAdmins Another main targeted set of audience is Windows administrators who always can take leverage from tools like this and know more about the product they are working with and troubleshoot problems they face at a totally different level. C and C++ Programmers Last and not least may be the most important category of students - advanced C and C ++ programmers which includes, driver developers, testers, software maintenance engineers and so on. Are you wondering why your application is crashing, hanging, slow or taking too much resources? That too happens once in a blue moon in production and you have no way to reproduce the issue in your dev environment. Are you asked to debug a problem in a code base you have no clue about? Or you just want to see exactly what that latest feature of cpp 20 is doing behind the scenes? This training is for you. To summarise, this course is for anyone who wants to study windows internals and advanced production debugging on windows. Post this training you don't have to read every single windows internals and debugging books out there but you will debug whatever you want to know whatever you want to know, rather than reading some abstract result from some books. Post this training you will not have to read and learn OS internals from any books but you will debug and understand it as and when you need it. Course Structure This course has 3 chapters In Chapter 1 we discuss the necessary concepts to get us started and mostly focus on the commands of the debugger. In Chapter 2 we apply what we have learned in Chapter 1 to different debugging scenarios, like crashes, hangs, slowness, leaks and more. We will be using test applications for this chapter and we will have source code of these test applications. First we will discuss User mode issues and then we will go into Kernel mode. In chapter 3 we will use the knowledge gained in Chapter 1 and 2 to troubleshoot real production like or production issues. In this chapter we will discuss analysis of memory dumps which we don't have source code or any idea about. We will start with issues from sysinternals notmyfault and slowly get into true production debugging scenarios. I will keep adding lessons to this chapter if there is enough interest from students on this course. Students also can submit dumps to this chapter and they can get the dumps analyzed for free of cost and share the experience with others. Please refer to the course content and free preview lesson for more details about the structure and content of the course. Who this course is for Anyone who want to learn advanced windows debugging and Reverse engineering with Windbg Security Specialists Reverse engineers Malware analysts Support engineers Software developers Software Sustenance Engineers Windows Admins Escalation Engineers [Hidden Content] [Hidden Content]

ret-sync stands for Reverse-Engineering Tools SYNChronization. It is a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with a disassembler (IDA/Ghidra). The underlying idea is simple: take the best from both worlds (static and dynamic analysis). Debuggers and dynamic analysis provide us with: local view, with live dynamic context (registers, memory, etc.) built-in specialized features/API (ex: WinDbg’s !peb, !drvobj, !address, etc.) Disassemblers and static analysis provide us with: macro view over modules code analysis, signatures, types, etc. fancy graph view decompilation persistent storage of knowledge within IDBs/GPRs Key features: synchronize graph and decompilation views with debugger’s state no need to deal with ASLR, addresses are rebased on-the-fly pass data (comment, command output) from the debugger to disassembler multiple IDBs/GPRs can be synced at the same time allowing to easily trace through multiple modules disassembler and debugger can be on different hosts / VMs [hide][Hidden Content]]

Debugging iOS Applications with IDA Pro Tutorial We have updated our iOS Debugging Tutorial. It has some new sections that should be of particular interest: “Debugging the DYLD Shared Cache” discusses how to combine IDA’s incremental dyldcache loading functionality with the iOS Debugger. “Debugging System Applications” is a concrete example of how to use IDA to debug an iOS system daemon on a jailbroken device. We hope you will find these new examples engaging and useful! [hide][Hidden Content]]

Introduction Shake to hide or show the black bubble. (Support iPhone device and simulator) List all print() and NSLog() messages which have been written by developer in Xcode. List of all the network requests sent by the application. (Support JSON and Google's Protocol buffers) List crash errors. Share network details via email or copy to clipboard when you are in the Network Details page. Copy logs. (Long press the text, then select all or select copy) Search logs by keyword. List application and device informations, including: version, build, bundle name, bundle id, screen resolution, device, iOS version List all sandbox folders and files, supporting to preview and edit. List HTML logs, including console.log(),console.debug(),console.warn(),console.error(),console. info(). (support WKWebView and UIWebView). UIWebView Deprecated Application memory usage and FPS. Deprecated Long press the black bubble to show UIDebuggingInformationOverlay. (Apple's Private API, support iOS 10/11/12) Private API Deprecated [HIDE][Hidden Content]]

Charles Proxy (also known as Charles, Charles Proxy or Charles Web Debugging Proxy) is an advanced web debugging tool for developers. Charles is an HTTP monitor, HTTP proxy and Reverse Proxy software that allows developers to view all networking traffic, both on HTTP as well as HTTPS/SSL networks. They will be easy to know requests, responses, and HTTP headers that contain confidential and temporary information. This course is useful as a software development tool that uses the network to communicate with each other. Charles Web Debugging Proxy allows you to record and display all information/data that is sent and received on the network, both local as well as the Internet. On the web and Internet-based application development you can not see what is being sent and received between the client and the server. By using this software, you will be easier to see what is happening, so you can quickly diagnose and fix problems. Key features: Auto-configure System Proxy Settings & Browser Bandwidth throttling bandwidth and latency Repeat/Edit requests to test different inputs Support for Flash Remoting (AMF0 and AMF3) Supports AJAX, JSON, JSON-RPC, SOAP, and more. Useful for XML development in web browsers Validate recorded HTML, CSS and RSS responses View all information on HTTP/SSL communication View SSL requests and responses in plain text Tree format for easy viewing and debugging View the contents of Flash/Flex Remoting View XML and JSON requests and responses And much more. Version 4.5.6 15 January 2020 Bug fixes and fixed security vulnerability. Custom SSL server certificate imports fixed macOS: Security vulnerability fixed in Charles's system proxy settings helper tool (ProxyHelper) An unauthorised application or user could communicate with Charles's ProxyHelper application to change your system proxy settings. Thanks to Noah Tran and Csaba Fitzl for reporting this vulnerabilty, and to Christian at Obective Development for his great writeup of the general vulnerability. [Hidden Content] [HIDE][Hidden Content]]

Features Shake to hide or show the black bubble. (support both device and simulator) Long press the black bubble to show UIDebuggingInformationOverlay. (Apple’s Private API, support iOS 10/11/12) Application memory usage and FPS. List all print() and NSLog() messages which have been written by the developer in Xcode. (optional) List of all the network requests sent by the application. (optional) List crash errors. (optional) Share network details via email or copy to clipboard when you are in the Network Details page. Copy logs. (long press the text, then select all or select copy) Search logs by keyword. List application and device informations, including: version, build, bundle name, bundle id, screen resolution, device, iOS version List all sandbox folders and files, supporting to preview and edit. List HTML logs, including console.log(),console.debug(),console.warn(),console.error(),console. info(). (support both WKWebView and UIWebView). (optional) [HIDE][Hidden Content]]

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). [Hidden Content] 3 nov 2019 Charles 4.5.2 released including new features, bug fixes and improvements. [Hidden Content]