Software Reverse Engineering

There are some "tracers" if you want to simply peeking your target software. These tools are powerful software for debugging and diagnosing programs, showing the internal logics and how it works.

Debuggers is used to track execution and monitor changes in computer resources while executing commands, one instruction or line by one, thus test the software and find the bugs in there.

Debugger is really useful if you want to track how the software works internally. For example there is a PDF parsing software which is not really works well. You can find out which functions are used to parse the pdf file structure, and you can track how the program exited if there is a crash, . Debugger is used to find the bugs in the software, so if you want to spot the bugs and find out it is really exploitable, you should be familiar with debuggers.

There are a lot of debuggers depends on the target architecture, environment, and language. For example, Python has the builtin function breakpoint(), Ruby also has the binding.irb to debug the script line by line. Good debugging environment can attract software developers, encourage them to work with the environment.

Decompilers can convert compiled executables to readable code. Now decompilers are essential tools in diagnosing and reverse engineering softwares, especially if you don’t have source code of target software.

Nowadays, the free and open source decompilers, like ghidra, have great performance and neat decompiled output. You might not want to purchase for the softwares, but you can still try some free options like Ghidra, cloud based HexRays decompiler shipped with IDA Free, and Binary Ninja Cloud.

And remember, these decompilers do not do magic spell for you. Without computer science basis, you can only use very limited feature of the tools. Decompiled output is quite ugly in cases, sometimes it generates totally wrong output.

I said it again, don’t rely on these tools.