tags:

views:

557

answers:

6
+2  Q: 

What tools are best for learning reverse engineering.

I am starting to learn reverse engineering and wanted to know what tools people are using and what the pros and cons are to each. I have been using .Net Reflector to reverse engineer .Net apps but I also have to work with old COM dlls and it would be great to figure out what they are doing. Many of the developers who wrote them didn't check the code into source control and the binaries are out on the production servers. Any help would be appreciated.

A: 

If you have symbols for your COM dlls, you can set breakpoints on the interface implementations and set through the disassembly in NTSD.

jeffamaphone  2009-06-05 18:48:25
+2  A: 

Ollydbg is a great free tool for analyzing and debugging native apps and DLLs. Also the various tools from HeavenTools are really useful. Native code is not quite as easy as reversing .NET, you'll generally need a solid foundation in x86 assembly language to get very far.

Gerald  2009-06-05 18:49:51
+1  A: 

If you are referring too reverse engineering in general you might also check out tools like Wireshark for network protocol sniffing

Matthew Whited  2009-06-05 18:51:29
+1  A: 

http://www.reversing.be/ was one of my favorite learning sources of reverse engineering. There are a good crackmes and solutions for begineers to explore techniques. I also recommend reading http://ourworld.compuserve.com/homepages/ernies_world/a.htm (comic sans, aarrghh my eyes...) that have information about COM in assembly.

artificialidiot  2009-06-05 19:10:04
This doesn't help me solve my immediate problem but I will definately give this a look I have up voted this for the good links.
Jeremy E  2009-06-05 19:16:49
Someone was bound to mention ollydbg before me anyway. Instead, I opt to provide other info which, I think, is relevant to your immediate need. I am glad you liked the links.
artificialidiot  2009-06-05 19:46:00
+1  A: 

Also, there's a fairly comprehensive freely available wikibook on Reverse Engineering.

none  2009-06-09 15:12:00
A: 

IDA Pro is an interactive disassembler. Which work both with .NET and native executables. It has a decompiler plugin (HexRays). Also it has a debugger. It is very expensive but there's a free version.

Max  2010-06-14 07:13:37

related questions

Wrapping Visual C++ in C#
Open source ER diagramming tool for mysql
What are the best ways to understand an unfamiliar database?
Is reverse engineering evil?
Best way to inject functionality into a binary...
Good techniques for understanding someone else's code
How is the photoshop cutout filter implemented?
Best way to reverse-engineer a web service interface from a WSDL file?
How to reverse engineer undocumented legacy application?
Is there a C++ decompiler?
What's a good C decompiler?
Reverse engineering war stories
How do I decompile a .NET EXE into readable C# source code?
Creating a new rrd database based on an existing one
how are serial generators / cracks developed?
Is it legal to reverse engineer binary file formats
How would you go about reverse engineering a set of binary data pulled from a device?
Reverse Engineering C# code using StarUML
What are the best tools for reverse engineering z80 machine code?
Sequence Diagram Reverse Engineering
Stored procedures reverse engineering
How do I disassemble a VC++ application?
best tool to reverse-engineer a WinXP PS/2 touchpad driver?
Reverse engineer (oracle) schema to ERD
Annotating YouTube videos programatically