Is it possible to make a living at it (or part of a living) as a white-hat?
Yes, it is. For example:
1. If you work for an anti-virus company you will have to analyse viruses to see how they work. Part of this is done through disassembly / debugging.
2. If you sell anti-cracking software you will have to crack other's people protections to keep current (not very white-hat, but this is how this works).
3. You can find out exploits for windows comparing and reversing an unpatched DLL with the patched one. This is a legitimate work and there is some people who do this for money.
[EDIT=> 4: forensics]
Small comment on the tutor:
I see you only mention W32DASM, but IDA is really much better, nothing to be with w32dasm. There is a free version of IDA for download at their website. The only diff with the commercial version is that the later has a built-in debugger, but you can use Olly instead.
You may wish to Google for Ollydbg and IDA Pro free version. Of the two I would go with Ollydbg.
You will also need the following tools/knowledge:
Hex editor: There are many good and free ones out there. Give it a Google
PE format: Become familiar with what it is as it will help you understand a Microsoft executable that much better, and also just how code gets mapped from physical memory to RAM.
ELF format: This is the format of Linux/BSD executables and will do the same as the above for you in terms of knowledge.
Programming knowledge: It is important to understand C, C++ and Assembler at a high level if nothing else. You don't necessarily have to be a full-fledged programmer to reverse but it certainly is helpful.
One of the simplest ways to start out is to code your "Hello World" program and then to disassemble it. That is a good and simple starting point.
The two above file formats are important to understand as it will also be most beneficial when you are looking at malware. Lastly, I will have an article series on reverse engineering for beginners going up on WindowSecurity soon. Keep an eye out for it.
All times are GMT + 2 Hours Goto page Previous1, 2
Page 2 of 2
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum