OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.

Reverse Engineering, Memory Hacking and Software Protection

Paul Chin, PhD

If you had always wanted to learn how to reverse and patch packed programs - without unpacking,  then this is the course for you. This course is a follow-up from the earlier course on Reverse Engineering & Memory Hacking. It is the practical application of what you have learnt in the first course. If you think that packing and anti-debugging is good enough to prevent reverse engineering, then you may be in for a surprise. In this course, I will show you how to test the effectiveness of several popular packers by packing crackmes and then reversing them - without unpacking.

Read more

If you had always wanted to learn how to reverse and patch packed programs - without unpacking,  then this is the course for you. This course is a follow-up from the earlier course on Reverse Engineering & Memory Hacking. It is the practical application of what you have learnt in the first course. If you think that packing and anti-debugging is good enough to prevent reverse engineering, then you may be in for a surprise. In this course, I will show you how to test the effectiveness of several popular packers by packing crackmes and then reversing them - without unpacking.

Traditionally packed programs are unpacked before debugging is carried out. This is because a packed program's file cannot be patched. Much of software protection has centered on making it difficult to unpack programs. However,  the important question is: how effective is packing, obfuscation and anti-debugging as a means to prevent reversing? This course explores several packers to find the answers.

We will do the analysis using a tool called Cheat Engine, which is a prominent tool used by game hackers. This tool could also be used to study and analyze packed program's processes that is running in memory. You will learn how to perform debugging in spite of anti-debugging being implemented. There is no need to unpack and dump memory.  Instead of unpacking and then patching the dumped files and fixing IAT (Import Address Table) tables,  we will write scripts to hack memory using byte patching using an advanced technique called AOB (Array-Of-Bytes) Injection, by injecting code into code caves (inline memory patching).  In this course you will learn how to do all of the above and more.

At the end of this course you will be able to gauge the effectiveness of software packers, obfuscation and anti-debugging protection and also to have a good idea of how to implement extra countermeasures to improve the security of software.

In all the practical exercises and walkthroughs, we will use Crackme's which I have written. You will learn how to pack them using several popular packers and then hack them using Cheat Engine.

What you will learn

  • How to set hardware breakpoints and debug packed programs in spite of anti-debugging protection

  • Doing Break and Trace to identify Algorithms for reversing

  • Identifying addresses to do memory patching

  • Writing custom trainers (loaders) using Cheat Engine to hack and patch memory

  • Modify program behavior

  • Process Patching programs

  • Creating Lua Scripts for process patching

  • Test the effectiveness of Anti-Debugging technology

  • Packing crackmes using popular packers

  • Hack the packed crackmes and patch their memory during runtime

Prerequisites:

  • Before taking this course, you should preferably be already familiar with how to use x64dbg and Cheat Engine

  • Windows PC

  • Some knowledge of Assembly would be useful but not compulsory

So, go ahead and enroll now and I will see you inside.

Enroll now

What's inside

Learning objectives

  • Bypass anti-debuggers
  • Patch memory
  • Use x64dbg debugger
  • Using cheat engine
  • Using scyllahide plugin
  • Using sharpod plugin
  • Using built-in hide debugger functionality
  • Using trainers (loaders) for process patching
  • Aob code injection
  • Direct byte patching
  • Asm scripting for app hacking
  • Lua scripting for memory hacking
  • Designing trainers (loaders) with ce's form designer
  • Break and trace
  • Modify program behaviour
  • Packing and disassembling crackmes using popular packers
  • And more...
  • Show more
  • Show less

Syllabus

Introduction

Intro to course

Introduction to Memory Hacking

Introduction to Memory Hacking

Read more

Basic Technique to Bypass Packer Protection

Basic Technique to Bypass Anti-Debug Protection

Using and Evaluating VMP Protect

Applying Memory Hacking Techniques On VMProtect

Bypassing Kernel Level Anti-Debug Protection

Creating a Custom Memory Hacker (Trainer)

Using and Evaluating Enigma

How to use install packer 273 and pack a crackme

Using JMP memory hack technique

How to create a custom memory hacker for packed program packed with Packer 273

Using and Evaluating Themida Code Virtualizer

How to download and install pakcer 731 and then use it to pack a Crackme

How to use the String Search method to hack memory

Bypass Using Memory Scanning Technique

Creating a Trainer

Resources For Further Study

Bonus Lecture

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Explores techniques for bypassing anti-debugging measures, which is crucial for reverse engineering and security analysis
Teaches memory patching techniques, enabling modification of program behavior at runtime, which is valuable for software customization and security research
Utilizes Cheat Engine, a prominent tool in the game hacking community, to analyze and manipulate packed program processes, offering practical skills for game modification and reverse engineering
Requires familiarity with x64dbg and Cheat Engine, suggesting it is designed for those with some existing reverse engineering and debugging experience
Covers packing crackmes using popular packers, which allows learners to test the effectiveness of software protection techniques and understand common vulnerabilities
Employs older packers such as VMProtect, Enigma, and Themida, which may not reflect current industry standards for software protection

Save this course

Save Reverse Engineering, Memory Hacking and Software Protection to your list so you can find it easily later:
Save

Reviews summary

Practical reverse engineering and memory hacking

According to the course description, this course offers a practical approach to reverse engineering and memory hacking, focusing specifically on analyzing and patching packed programs without traditional unpacking methods. It leverages tools like Cheat Engine and x64dbg, covering techniques such as AOB Injection and creating custom trainers. The curriculum includes analyzing specific packers like VMProtect, Enigma, and Themida, and provides hands-on exercises using crackmes. Students are expected to have some familiarity with the core tools.
Unique angle tackling packed software directly.
Learn advanced memory patching methods.
Learn practical skills using key tools.
Strong emphasis on practical application.
Requires existing tool knowledge for success.

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Reverse Engineering, Memory Hacking and Software Protection with these activities:
Review Assembly Language Fundamentals
Reinforce your understanding of assembly language, which is crucial for reverse engineering and memory hacking.
Browse courses on Assembly Language
Show steps
  • Review basic assembly instructions (MOV, ADD, SUB, JMP).
  • Practice reading and interpreting assembly code snippets.
  • Familiarize yourself with registers and memory addressing modes.
Practice with x64dbg
Improve your proficiency with x64dbg, a key tool used throughout the course.
Show steps
  • Load a simple executable into x64dbg.
  • Set breakpoints and step through the code.
  • Examine register values and memory contents.
  • Practice using different debugging commands.
Follow Cheat Engine Tutorials
Enhance your Cheat Engine skills by working through tutorials focused on memory scanning and manipulation.
Show steps
  • Find tutorials on basic memory scanning techniques.
  • Practice finding and modifying values in a simple game or application.
  • Explore advanced features like pointers and code injection.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Read 'Practical Reverse Engineering'
Deepen your understanding of reverse engineering principles and techniques with this comprehensive guide.
View Practical Reverse Engineering on Amazon
Show steps
  • Read the chapters relevant to the course topics, such as debugging, memory analysis, and code injection.
  • Experiment with the tools and techniques described in the book.
  • Apply the knowledge gained from the book to solve crackmes and other reverse engineering challenges.
Crackme Exercises
Sharpen your reverse engineering skills by attempting to solve crackmes using the techniques learned in the course.
Show steps
  • Download a collection of crackmes with varying difficulty levels.
  • Analyze each crackme using x64dbg and Cheat Engine.
  • Identify the key checks and implement patches to bypass them.
  • Document your findings and the steps you took to solve each crackme.
Write a Blog Post on Packer Analysis
Solidify your understanding of packers by writing a blog post analyzing their strengths and weaknesses.
Show steps
  • Choose a specific packer to analyze (e.g., VMProtect, Enigma Protector).
  • Research the packer's techniques for code obfuscation and anti-debugging.
  • Pack a simple program with the packer and analyze the resulting executable.
  • Write a blog post summarizing your findings, including the packer's strengths, weaknesses, and potential bypass techniques.
Develop a Custom Trainer
Apply your knowledge by creating a custom trainer for a game or application, incorporating AOB injection and memory patching techniques.
Show steps
  • Choose a target game or application.
  • Identify memory locations to modify (e.g., health, ammo, score).
  • Implement AOB injection and direct byte patching techniques to modify the memory locations.
  • Design a user interface for your trainer using Cheat Engine's form designer or another tool.
  • Test your trainer and refine it as needed.

Career center

Learners who complete Reverse Engineering, Memory Hacking and Software Protection will develop knowledge and skills that may be useful to these careers:
Reverse Engineer
A Reverse Engineer analyzes software to understand its design, functionality, and potential vulnerabilities. This course helps you dissect and modify packed programs without unpacking them, a core skill for a Reverse Engineer. You will learn to test the effectiveness of packers, bypass anti-debugging measures, and patch memory using techniques like AOB injection. This course, with its focus on using Cheat Engine, helps Reverse Engineers to effectively analyze and manipulate software, even when protected by packers and anti-debugging techniques. The ability to write custom trainers and Lua scripts for memory hacking, as taught in this course, helps Reverse Engineers automate and enhance their analysis and patching processes.
See salaries and explore the career path for Reverse Engineer
Game Hacker
A Game Hacker modifies video games, often to gain an unfair advantage or explore hidden features. This course helps you hack and patch memory, modify program behavior, and bypass anti-debugging measures, all skills relevant to Game Hackers. By understanding how to use Cheat Engine and inject AOB code, you will be able to create custom trainers and modify game logic, allowing you to create new features or cheat. The course's practical exercises, using crackmes and popular packers, directly translates to the challenges faced when hacking video games. If you're interested in video games, or cheating at games, this role may be a good fit for you.
See salaries and explore the career path for Game Hacker
Exploit Developer
An Exploit Developer creates code that takes advantage of software vulnerabilities. This course provides essential skills in reverse engineering, memory hacking, and bypassing software protections, which are critical for identifying and exploiting vulnerabilities. The techniques taught empower Exploit Developers to analyze packed programs, bypass anti-debugging measures, and inject code, enabling them to craft effective exploits. This course helps aspiring Exploit Developers to understand the intricacies of software security and develop sophisticated exploitation techniques. The hands-on exercises with crackmes and popular packers provide practical experience in identifying and exploiting weaknesses in real-world software.
See salaries and explore the career path for Exploit Developer
Security Analyst
A Security Analyst identifies and mitigates security risks in software and systems. This course helps you understand how packers, obfuscation, and anti-debugging techniques are used to protect software, and how to circumvent these protections. Security Analysts can use the skills taught in this course to assess the effectiveness of software protection mechanisms and identify vulnerabilities. Furthermore, this course shows how to bypass anti-debugging and patch memory, critical skills for Security Analysts seeking to uncover security flaws in protected software. The practical exercises involving crackmes and popular packers provide hands-on experience that is directly applicable to real-world security analysis scenarios.
See salaries and explore the career path for Security Analyst
Malware Analyst
A Malware Analyst examines malicious software to understand its functionality and behavior. This course offers valuable skills in dissecting packed and obfuscated code, which is frequently used by malware developers to evade detection. You will discover how to bypass anti-debugging techniques and analyze program memory, crucial for understanding how malware operates. Malware Analysts can use this knowledge to develop effective detection and removal strategies. By learning to reverse engineer and patch packed programs, as emphasized in this course, prospective Malware Analysts gain the ability to unravel even the most complex and well-protected malware samples.
See salaries and explore the career path for Malware Analyst
Penetration Tester
A Penetration Tester evaluates the security of systems by simulating attacks. This course provides you with skills to bypass software protections and manipulate program behavior, essential for a Penetration Tester. By learning to reverse and patch packed programs, use debuggers effectively, and inject code, you will enhance your ability to find vulnerabilities in protected software. This course helps Penetration Testers to think creatively about how to circumvent security measures and gain unauthorized access to systems. The focus on using Cheat Engine and AOB injection techniques can be particularly valuable in identifying weaknesses in custom software or applications with limited documentation.
See salaries and explore the career path for Penetration Tester
Software Developer
A Software Developer creates and maintains software applications. This course provides insights into software protection techniques and how they can be circumvented, which helps Software Developers design more secure applications. The focus on bypassing anti-debugging measures and patching memory can help Software Developers understand the potential vulnerabilities in their code and implement effective countermeasures. Furthermore, familiarity with reverse engineering techniques helps Software Developers to analyze existing codebases, troubleshoot issues, and improve software performance. By understanding how packers and obfuscation work, as taught in this course, you'll be able to make informed decisions about how to protect your intellectual property and prevent unauthorized modification of your software.
See salaries and explore the career path for Software Developer
Vulnerability Researcher
A Vulnerability Researcher identifies weaknesses in software that could be exploited by attackers. This course gives you the skills to analyze software, understand its inner workings, and uncover potential vulnerabilities, even when protected by packers and anti-debugging techniques. The ability to reverse engineer and patch packed programs, bypass anti-debugging measures, and inject code helps Vulnerability Researchers to thoroughly assess the security of software. You will learn how to use debuggers effectively and manipulate program behavior to identify and trigger vulnerabilities. This course may improve Vulnerability Researchers' ability to think critically about software security and identify weaknesses that others might miss.
See salaries and explore the career path for Vulnerability Researcher
Software Security Engineer
A Software Security Engineer designs and implements security measures to protect software from attacks and vulnerabilities. This course may help you understand the techniques that attackers use to reverse engineer, tamper with, and exploit software. By learning how to bypass software protection and patch memory, a Software Security Engineer gains insight into how to design more secure software. This course helps Software Security Engineers to think like an attacker and proactively address potential vulnerabilities. You may learn about obfuscation, packing, and anti-debugging techniques, enabling you to implement effective defense mechanisms.
See salaries and explore the career path for Software Security Engineer
Firmware Engineer
A Firmware Engineer develops and maintains the low-level software that controls hardware devices. This course may be useful in analyzing and modifying firmware images, which are often packed or obfuscated to protect intellectual property. The ability to reverse engineer and patch packed programs helps engineers to understand the functionality of firmware and identify potential vulnerabilities. This course may aid Firmware Engineers in customizing firmware for specific applications, troubleshoot issues, or enhance device performance. Because firmware often interacts directly with hardware, some knowledge of assembly language is recommended, as is taught in this course.
See salaries and explore the career path for Firmware Engineer
Digital Forensics Analyst
A Digital Forensics Analyst investigates digital evidence to uncover the facts of a crime or incident. This course may improve your capabilities in analyzing malware or other malicious software involved in cybercrimes. By understanding how packers, anti-debugging techniques, and memory patching work, you will be better equipped to extract and analyze digital evidence from compromised systems. This course may help you to uncover hidden functionality and identify the actions taken by attackers. Experience using debuggers may be useful to follow code execution and reconstruct events.
See salaries and explore the career path for Digital Forensics Analyst
Cryptographer
A Cryptographer designs and analyzes encryption algorithms and security protocols. This course may assist in understanding how software protection techniques can be used to enhance the security of cryptographic implementations. By learning how to reverse engineer and patch programs, you may better understand how attackers might attempt to circumvent cryptographic protections. This course may improve your ability to develop more robust and secure cryptographic systems. Expertise with code may be needed to test and evaluate the security of cryptographic algorithms.
See salaries and explore the career path for Cryptographer
Software Quality Assurance Tester
A Software Quality Assurance Tester identifies defects and ensures the quality of software applications. This course may improve your ability to thoroughly test software by understanding how attackers might try to exploit vulnerabilities or bypass security measures. The knowledge of reverse engineering and memory patching may help you to identify corner cases and uncover subtle defects that might otherwise be missed. This course may enhance your ability to create more comprehensive and effective testing strategies. The course, with its focus on using Cheat Engine, may give insights into what could go wrong with software.
See salaries and explore the career path for Software Quality Assurance Tester
Intelligence Analyst
An Intelligence Analyst gathers and analyzes information to provide insights on security threats and risks. This course may improve your ability to analyze malware, understand the tactics and techniques used by cybercriminals, and identify potential targets of attack. This course may help you to develop a deeper understanding of the cyber threat landscape. The focus on reverse engineering and memory patching may enable you to extract valuable intelligence from malicious software and identify emerging trends in cybercrime.
See salaries and explore the career path for Intelligence Analyst
Data Scientist
A Data Scientist collects, analyzes, and interprets large datasets to identify trends and insights. This course may assist Data Scientists who want to improve the security of data analysis pipelines and prevent data breaches. The knowledge of reverse engineering and software protection techniques may help in analyzing data processing software and identifying potential vulnerabilities. One who has taken this course can better protect sensitive data from unauthorized access and tampering. While not directly related to core data science tasks, but this course may be useful in specialized applications where data security is paramount.
See salaries and explore the career path for Data Scientist

Reading list

We've selected one books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Reverse Engineering, Memory Hacking and Software Protection.
Cover image
Practical Reverse Engineering
Save
Provides a comprehensive guide to reverse engineering techniques, covering x86, x64, and ARM architectures. It delves into Windows kernel reversing and explores various reversing tools. The book also addresses obfuscation techniques, which are highly relevant to the course's focus on packed programs. It serves as a valuable reference for understanding the underlying principles and practical applications of reverse engineering.
Practical Reverse Engineering
Paperback
Check
Practical Reverse Engineering
Kindle Edition
Check

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Effort
1.5 total hours
Via
Udemy
Instructor
Paul Chin, PhD
Language
English
Good to know
Explores techniques for bypassing anti-debugging measures, which is crucial for reverse engineering and security analysis
Teaches memory patching techniques, enabling modification of program behavior at runtime, which is valuable for software customization and security research
Utilizes Cheat Engine, a prominent tool in the game hacking community, to analyze and manipulate packed program processes, offering practical skills for game modification and reverse engineering
Requires familiarity with x64dbg and Cheat Engine, suggesting it is designed for those with some existing reverse engineering and debugging experience
Covers packing crackmes using popular packers, which allows learners to test the effectiveness of software protection techniques and understand common vulnerabilities
Employs older packers such as VMProtect, Enigma, and Themida, which may not reflect current industry standards for software protection
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2025 OpenCourser