If you have been using debuggers to reverse engineer programs but wished you had more understanding of Assembly Language, then this course is for you. We will cover enough assembly language to allow you to understand how to modify exe files to insert your own code or, to modify existing exe files to do things which it was not intended to do.
If you have been using debuggers to reverse engineer programs but wished you had more understanding of Assembly Language, then this course is for you. We will cover enough assembly language to allow you to understand how to modify exe files to insert your own code or, to modify existing exe files to do things which it was not intended to do.
Traditionally, assembly language programming is taught using an assemblers like NASM or FASM. But learning it that way will not give you the skills to understand reverse engineered programs. There is a missing link (knowledge gap) of how to apply your assembly knowledge to modify programs. This course fills that knowledge gap.
Instead of using an assembler, we will directly use the x64dbg debugger to learn assembly language. That is right, we will write our own assembly code inside the x64dbg debugger itself. You will learn Assembly Language from the ground up with zero knowledge as a complete beginner.
We will use techniques that allow you to:
modify existing code
overwrite existing code
modify memory segments to insert data
create new functions
exploit code caves
add new functionality to existing programs
and more...
This black art is not widely taught and there are no existing courses elsewhere that puts together coherently all the knowledge of assembly and reverse engineering. Mostly what you will find are separate courses on Assembly and Reverse Engineering. Many courses on Reverse Engineering don't cover the background assembly language from a software hacker's perspective. And almost all Assembly Language courses teach you how to write programs from scratch, instead of how to modify existing programs to add new functionality with your own code using a debugger like x64dbg.
The knowledge you gain will be your added advantage either as a security researcher, or, malware analyst, or student of software security. It will also benefit programmers who want to know how programs run internally and how to extend program functionality if you do not have the source code.
Go ahead and enroll now and I will see you inside.
How to install x64dbg and configure it. Also how to install Detect-It-Easy (DiE). We will use xdbg to write assembly programs.
A quick revision on binary and hexadecimal number systems.
Introduction to xdbg debugger
Debugger Stepping Basics
How to hollow out an exe file for use as a basic template for writing assembly code.
Introduction to CPU registers
Explanation of the MOV instructions and also a practical on writing your first assembly instructions using the xdbg debugger.
Addition using full registers (DWORD).
Addition of partial registers: word and bytes
Learning the SUB instruction for subtracting values to and from registers.
Learn the INC (Incrementing by one) and the DEC (Decrementing by one) Instructions.
Learn how multiplication works using the MUL instruction
How to do DIV instructions.
DIV exercise 1 and DIV exercise 2.
How to copy values from register to memory and vice versa.
How to directly copy data to memory using the MOV instruction and also how to directly hardcode data into memory by patching the EXE's file.
An exercise to consolidate your understanding of how to access memory.
Learn what the stack is and how to push register values to the stack
Learn how to pop register values to registers and also how to backup register values and restore them.
How to push constants (integer values) to the stack and also how to push strings to the stack by pushing the memory address of the start of the string.
How function call works and example of 1-parameter function call.
How to call functions by pushing parameters from memory to stack for strings and also for numbers
Exercise for calling function with 2 parameters - a string with format specifiers and a number
An exercise using data segment to store strings and pushing them to stack as parameters for function call.
Basics of input output in assembly
How to read in numbers and output it again.
Using assembly to input strings and then to output it again.
What are code caves and why we need them.
How to write JMP instructions to enter the Code Cave region and then back to the address after the jump point.
How to use code cave to push parameters to stack and call functions.
How to use code caves to extend the program when you run out of memory. A simple exercise to show how this is done.
Description of the requirements for the calculator project and tips for solving it.
Designing the high level solution and converting to assembly code.
Implement the design solution into assembly code.
How to access and use functions that returns a value and also writing a simple demo.
An exercise on getting input from user, using strlen() function to get the length of the string and then display the result.
What are the Flags Register and how does the ZF flag work.
What is the SF (Sign Flag) and how it works.
How the CF Flag (Carry Flag) works.
What is the OF Flag and how it works.
Both CF and OF flags will change with every arithmetic operation. This lecture explains which one you should be looking at.
What are Jumps and also a practical on JZ jump.
Learn about JNZ (Jump Not Zero)
How to write a loop using the JZ conditional jump instruction
How to write an optimized loop using the JNZ instruction
Other conditional jumps, eg, JS, JC, JO, JNS, JNC and JNO
Explanation of the CMP instructions and how it works
Writing assembly code to include CMP instructions to see how it works.
Are are unsigned and signed comparisons and what special instructions are being used for each.
Introduction to high level programming constructs and how to implement the if-else statement using assembly.
How to implement for loops in assembly.
How to implement the high level programming construct of the WHILE Loop using assembly.
How to use the high level programming construct called BREAK to prematurely exit a loop in assembly.
How to use the Graph View and Trace Animate. Also discuss Principles of Jumps.
How NEG works and a practical on it.
Learn about signed and unsigned extensions.
Hands on practical on using MOVZX and MOVSX for unsigned extension and signed extension.
How to do signed conversions using CBW and CWDE.
How to convert signed numbers using CWD and CDQ.
IMUL is the signed-aware version of the MUL instruction.
A hands-on practical on IDIV
Basic Boolean Algebra refresher
Using the NOT, AND, OR, XOR instructions in xdbg
Learn about using arithmetic shifting for multiplication and division
Learn about bit rotation instructions, i.e. ROL and ROR
Using AND and ROR to do an exercise on bitwise operations.
An explanation of what memory arrays are with simple examples
A walk-through on what memory arrays are and how to access them.
What are LEA instructions and how it is commonly used.
A simple example and walkthrough to get a quick glimpse of how it is used.
How to use an LEA with an ECX counter to calculate address of each array element
Using ECX counter and LEA in a loop to iterate through an array.
Introduction to Data Structures and its importance
A practical walkthrough on how to create a data struct in xdbg
Learn how to use the string instructions, eg, STOS, LODS, MOVS, REP etc...
What is the DF flag and how use it
Learn the family of LODS (Load String) instructions: LODSB, LODSW and LODSD
Let's do an exercise to put your knowledge of string operations to good use. Write a program that sums up the elements of an array.
Learn about the MOVSB, MOVSW and MOVSD instructions and how they work
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.