Course Information
Course Overview
Learn how software protection works from the inside out using the x64dbg debugger
If you have always wanted to learn how software protection works and how to use x64dbg to unpack protected programs, then this is the course for you. This course is an introduction to Software Protection for anyone who wants to get started in this field. It is suitable for software developers who want to learn how to protect their software and also for reverse engineers who want to fix bugs where the source code is not available.
You will learn how to use x64dbg to unpack CrackMes protected with packing and anti-debugging. A CrackMe is a small program designed to test a programmer's reverse engineering skills.
What you will learn
- How to set hardware breakpoints and analyze the unpacking header stub
- Dumping unpacked executable from memory
- Fixing Import Address Tables (IAT) after dumping memory
- Modify program behaviour
- Patching programs
- Creating loaders for process patching
- What if the program cannot be unpacked
- 3 techniques to unpack multiple protections
Prerequisites:
Before taking this course, you should already be familiar with how to use x64dbg.
Money back guarantee:
This course is backed by a 30-day money back guarantee. So, go ahead and enroll in this course now and start reverse engineering and debugging programs the fun and easy way!
Course Content
- 19 section(s)
- 19 lecture(s)
- Section 1 Introduction
- Section 2 Introduction to Software Protection
- Section 3 Downloading CrackMe 11
- Section 4 Examining the packer protection
- Section 5 Unpacking the packed program
- Section 6 Patching the dumped file
- Section 7 Introduction to Loaders
- Section 8 Creating a Loader
- Section 9 Introduction to Anti-Debugging Protection
- Section 10 Downloading CrackMe 12
- Section 11 Patching Anti-Debugging API calls
- Section 12 Installing the ScyllaHide plugin for anti-anti-debugging
- Section 13 Using ScyllaHide to hide the debugger
- Section 14 Introduction to multiple software protection
- Section 15 3 ways to reverse engineer multiple protections
- Section 16 Technique #1: Hiding debugger and using loader for process patching
- Section 17 Technique #2: Hiding debugger, unpack then patch
- Section 18 Technique #3: Hiding debugger, then do Serial Phishing
- Section 19 Resources for Further Study
What You’ll Learn
- How to unpack programs, bypass anti-debuggers, patch programs, dump memory to files, use the x64dbg debugger, use the ScyllaHide plugin, 3 ways to unpack layered protections, what if the program cannot be unpacked, using loaders for process patching, and more.
Reviews
- David fernando giannoni
marvelous teacher!
- Nick Nicolaou
Overall a very good course. A bit outdated at a few points, but the concepts are well explained and there are many practical examples. I would definitely call this course an eye opener for those getting started at reverse engineering.
- Dominik Maślak
very, very important and useful content
- Stuart Gentry
I would like to send a full review to Paul Chin for his permission to publish. Overall, good course. Paul used some tools to make things easier. I would like to know what the tools are looking for in the executable file. It is one thing to use a tool; it is another to understand what it was built for.