Reverse Engineering, Memory Hacking and Software Protection

0

Learn how to reverse, debug and patch packed programs – without unpacking – by using Cheat Engine.

What you’ll learn

Requirements

  • Assembly language is helpful but not compulsory
  • Windows PC
  • Already know how to use x64dbg debugger
  • Familiar with Cheat Engine

Description

If you had always wanted to learn how to reverse and patch packed programs – without unpacking,  then this is the course for you. This course is a follow-up from the earlier course on Reverse Engineering & Memory Hacking. It is the practical application of what you have learnt in the first course. If you think that packing and anti-debugging is good enough to prevent reverse engineering, then you may be in for a surprise. In this course, I will show you how to test the effectiveness of several popular packers by packing crackmes and then reversing them – without unpacking.

Traditionally packed programs are unpacked before debugging is carried out. This is because a packed program’s file cannot be patched. Much of software protection has centered on making it difficult to unpack programs. However,  the important question is: how effective is packing, obfuscation and anti-debugging as a means to prevent reversing? This course explores several packers to find the answers.

We will do the analysis using a tool called Cheat Engine, which is a prominent tool used by game hackers. This tool could also be used to study and analyze packed program’s processes that is running in memory. You will learn how to perform debugging in spite of anti-debugging being implemented. There is no need to unpack and dump memory.  Instead of unpacking and then patching the dumped files and fixing IAT (Import Address Table) tables,  we will write scripts to hack memory using byte patching using an advanced technique called AOB (Array-Of-Bytes) Injection, by injecting code into code caves (inline memory patching).  In this course you will learn how to do all of the above and more.

Who this course is for:

  • Anyone who wants to know how to assess the effectiveness of packers against Reverse Engineering
  • Software Developers who want to implement extra layer of protection in addition to packing and Anti-debugging

Reverse Engineering, Memory Hacking and Software Protection Download Link