Reverse Engineering

  1. Anti-Reverse Engineering Techniques
    1. Code Obfuscation Methods
      1. Control Flow Obfuscation
        1. Control Flow Flattening
        2. Opaque Predicates
        3. Bogus Control Flow
      2. Data Obfuscation
        1. String Encryption
        2. Constant Hiding
        3. Data Structure Obfuscation
      3. Instruction-Level Obfuscation
        1. Instruction Substitution
        2. Dead Code Insertion
        3. Equivalent Instruction Replacement
    2. Packing and Encryption
      1. Executable Packing
        1. Compression-Based Packers
        2. Encryption-Based Packers
        3. Multi-Layer Packing
      2. Runtime Decryption
        1. Self-Decrypting Code
        2. Key Derivation Methods
        3. Decryption Triggers
      3. Virtual Machine Protection
        1. Custom Virtual Machines
        2. Bytecode Translation
        3. VM-Based Obfuscation
    3. Anti-Debugging Techniques
      1. Debugger Detection Methods
        1. API-Based Detection
        2. Timing-Based Detection
        3. Hardware-Based Detection
      2. Debug Prevention
        1. Exception Handling Abuse
        2. Thread Local Storage Tricks
        3. Process Environment Block Manipulation
      3. Dynamic Anti-Debugging
        1. Runtime Debugger Checks
        2. Breakpoint Detection
        3. Single-Step Detection
    4. Anti-Disassembly Techniques
      1. Disassembly Confusion
        1. Overlapping Instructions
        2. False Disassembly
        3. Jump Table Obfuscation
      2. Self-Modifying Code
        1. Runtime Code Generation
        2. Polymorphic Code
        3. Code Mutation
      3. Indirect Control Flow
        1. Function Pointer Obfuscation
        2. Return Address Manipulation
        3. Computed Jumps
    5. Anti-Analysis Environment Detection
      1. Virtual Machine Detection
        1. Hardware Fingerprinting
        2. Timing Discrepancies
        3. VM-Specific Artifacts
      2. Sandbox Detection
        1. Environment Profiling
        2. User Interaction Checks
        3. File System Artifacts
      3. Analysis Tool Detection
        1. Process Enumeration
        2. Window Detection
        3. Registry Key Monitoring
    6. Countermeasures and Bypass Techniques
      1. Unpacking Methods
        1. Manual Unpacking
        2. Automated Unpacking Tools
        3. Generic Unpacking Techniques
      2. Deobfuscation Strategies
        1. Pattern Recognition
        2. Symbolic Execution
        3. Dynamic Analysis Approaches
      3. Anti-Anti-Debugging
        1. Debugger Hiding Techniques
        2. Detection Routine Patching
        3. Environment Simulation
      4. Analysis Environment Hardening
        1. VM Detection Evasion
        2. Sandbox Evasion
        3. Tool Signature Hiding