January 1, 2016
Assembly language is the language most commonly used when analyzing malware. Why is that? Because malware is usually written in C or C++, and once the code has been compiled it is almost impossible to get access to the source code. What we do have, thanks to brilliant tools like IDA Pro, is access to the low-level assembly language. C/C++ compilers translate the source code into assembly language, a language that is much easier for the CPU to understand. The assembly language is in turn translated into opcode, or machine code, by the assembler, and it is actually the highest level of abstraction that still gives you an idea of what is happening behind the scenes. But how can one even start learning the rich language of Assembly?

When I first started my romance with Assembly language (which wasn't that long ago), it was all gibberish to me. I got the idea of registers being pushed and popped in and out of the stack thanks to my previous knowledge of the C programming language, but other than that I was clueless. I then started looking online for tutorials and step-by-step guides on how to learn Assembly. There are so many guides out there, but unfortunately they are not that good. I looked for YouTube guides but couldn't find even one instructor I felt comfortable with in the way he teaches. Then I realized I had to be more focused on what exactly it is I'm looking for. Assembly is wide, and it has all the functionality any other programming language has, and even more! But my goal was to become a Reverse Engineer. I found some tutorials online, specific to my needs, and started from there. First I analyzed simple C programs I wrote, and then went on to analyze real malware I had downloaded from various malware databases.

Anyway, here are some tips on how to learn assembly language:

Most of the guides will begin with a too-long intro about numbering methods. I suggest you learn it by yourself and even memorize the decimal-hex-binary table.

Read briefly about the registers and mnemonics and move on to practice. Learn the different modes, the types of assemblers and, most importantly, STICK TO ONE ARCHITECTURE! Some books and tutorials will try to feed you several types of assembly language at the same time. I find that hardly effective. Stick to one architecture (x86 is the best to start with) and learn the differences between the dialects after you have a strong base in one architecture. Good luck!

Why not submit a tut via 0p3n? I'm thinking of doing the same .. maybe I will :)

Assembly language is pretty intimidating. It took me an entire week to write a simple program for a class I had. It can get confusing for sure! It will look impressive on a resume, though!

Absolutely!! Assembly is a required language for malware analysis and reverse engineering though..

> Why not submit a tut via 0p3n? I'm thinking of doing the same ..

@tommyre Please do! We'd love to add an assembly tutorial.
--Stark

I'm flattered! I'll get to it this weekend I hope, it is a very busy week I'm afraid..

Link on Yale website: https://flint.cs.yale.edu/cs422/
The Art of Assembly Language (pdf)
Official IA32 Intel architecture software developer's manuals:
Volume 1: Basic Architecture (pdf)
Volume 2: Instruction Set Reference Manual (pdf)
Volume 3: System Programming Guide (pdf)

Could anyone write about shellcodes as well... most reverse tools give something between C and Assembly.

As an embedded system/firmware engineer, whenever I'm writing low-level code (close to the hardware) I always debug in mixed mode (C and assembly). It is useful to have access to the registers. It used to be that one had to learn many different assembly languages (although once one knew the principles, going from one to another was easy). Nowadays most embedded systems are based on the ARM.

Security Tube has some assembly primers at http://www.securitytube.net/groups?operation=viewall&groupId=0
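The original post's point that the assembler turns mnemonics into opcode bytes, and its advice to memorize the decimal-hex-binary table and to stick to x86 first, is easiest to see with a small round trip between text and bytes. The Python below is an added example written for this page; it is not code from the original post, from IDA Pro, or from any resource named in the thread. It assumes a deliberately tiny subset of 32-bit x86: the register forms of push, pop, mov, add, sub, xor, plus ret and nop, and mov with a 32-bit immediate. The sample listing is constructed and mirrors the function prologue/epilogue a C compiler typically emits, so the reader can match each mnemonic to the bytes a disassembler would show.

```python
import struct

# 32-bit general-purpose registers in the order the x86 encoding numbers them.
# The 3-bit register number is what ends up inside the opcode or ModRM byte.
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

# "op r/m32, r32" forms: one opcode byte followed by a ModRM byte.
RM_R_OPS = {"mov": 0x89, "add": 0x01, "sub": 0x29, "xor": 0x31}
OPS_BY_OPCODE = {opcode: mnem for mnem, opcode in RM_R_OPS.items()}


def modrm_reg_reg(dst, src):
    """ModRM byte for register-direct operands: mod=11, reg=src, r/m=dst."""
    return 0xC0 | (REGS.index(src) << 3) | REGS.index(dst)


def assemble(lines):
    """Encode a list of text instructions into raw x86-32 machine code."""
    code = bytearray()
    for lineno, raw in enumerate(lines, 1):
        text = raw.split(";", 1)[0].strip()  # drop ';' comments and blank lines
        if not text:
            continue
        mnem, _, rest = text.partition(" ")
        mnem = mnem.lower()
        ops = [o.strip().lower() for o in rest.split(",")] if rest.strip() else []
        if mnem == "ret" and not ops:
            code.append(0xC3)
        elif mnem == "nop" and not ops:
            code.append(0x90)
        elif mnem == "push" and len(ops) == 1 and ops[0] in REGS:
            code.append(0x50 + REGS.index(ops[0]))       # push r32 = 0x50+reg
        elif mnem == "pop" and len(ops) == 1 and ops[0] in REGS:
            code.append(0x58 + REGS.index(ops[0]))       # pop r32 = 0x58+reg
        elif mnem == "mov" and len(ops) == 2 and ops[0] in REGS and ops[1] not in REGS:
            # mov r32, imm32: 0xB8+reg followed by a little-endian 32-bit immediate
            imm = int(ops[1], 0) & 0xFFFFFFFF
            code.append(0xB8 + REGS.index(ops[0]))
            code += struct.pack("<I", imm)
        elif mnem in RM_R_OPS and len(ops) == 2 and ops[0] in REGS and ops[1] in REGS:
            code.append(RM_R_OPS[mnem])
            code.append(modrm_reg_reg(ops[0], ops[1]))
        else:
            raise ValueError(f"line {lineno}: unsupported instruction {text!r}")
    return bytes(code)


def disassemble(code):
    """Decode machine code produced by assemble() back into mnemonics."""
    out = []
    i = 0
    while i < len(code):
        b = code[i]
        if b == 0xC3:
            out.append("ret"); i += 1
        elif b == 0x90:
            out.append("nop"); i += 1
        elif 0x50 <= b <= 0x57:
            out.append(f"push {REGS[b - 0x50]}"); i += 1
        elif 0x58 <= b <= 0x5F:
            out.append(f"pop {REGS[b - 0x58]}"); i += 1
        elif 0xB8 <= b <= 0xBF:
            if i + 5 > len(code):
                raise ValueError(f"offset {i}: truncated immediate")
            (imm,) = struct.unpack_from("<I", code, i + 1)
            out.append(f"mov {REGS[b - 0xB8]}, 0x{imm:x}"); i += 5
        elif b in OPS_BY_OPCODE:
            if i + 2 > len(code):
                raise ValueError(f"offset {i}: truncated ModRM")
            m = code[i + 1]
            if m >> 6 != 0b11:  # only register-direct operands are modelled here
                raise ValueError(f"offset {i}: memory operands not supported")
            src, dst = REGS[(m >> 3) & 7], REGS[m & 7]
            out.append(f"{OPS_BY_OPCODE[b]} {dst}, {src}"); i += 2
        else:
            raise ValueError(f"offset {i}: unknown opcode 0x{b:02x}")
    return out


# Constructed sample: a function prologue/epilogue as a C compiler might emit it.
SAMPLE = [
    "push ebp        ; save the caller's frame pointer",
    "mov ebp, esp    ; set up our own frame",
    "xor eax, eax    ; eax = 0, the usual zeroing idiom",
    "mov eax, 0x2A   ; return value 42",
    "pop ebp         ; restore the caller's frame pointer",
    "ret",
]


def roundtrip(lines=SAMPLE):
    """Assemble the listing and disassemble the bytes again; returns (hex, listing)."""
    code = assemble(lines)
    return code.hex(), disassemble(code)


if __name__ == "__main__":
    hexcode, listing = roundtrip()
    print(hexcode)
    for insn in listing:
        print(insn)
```

The design point worth noticing is that every byte is either an opcode with the register number folded into its low three bits (push, pop, mov imm) or an opcode followed by a ModRM byte whose top two bits say "register, not memory" and whose remaining six bits name the two registers; that is the structure the hex table makes readable at a glance. Anything outside the modelled subset raises rather than guessing, which is the behaviour you want from a decoder used on untrusted bytes.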