A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

image

FREE Reverse Engineering Self-Study Course HERE


Hacking Windows

The book and code repo for the FREE Hacking Windows book by Kevin Thomas.

FREE Book

Download

Chapter 1: Hello World

This chapter covers the basics of designing a very simple Windows Assembly Language message box program in pure Assembly for both x86 and x64 architectures.

-> Click HERE to read the FREE pdf book.

Chapter 2: Debugging Hello World x86

This chapter covers the dynamic reverse engineering analysis, debugging, of the Hello World app in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 3: Hacking Hello World x86

This chapter covers the dynamic reverse engineering analysis, hacking, of the Hello World app in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 4: Debugging Hello World x64

This chapter covers the dynamic reverse engineering analysis, debugging, of the Hello World app in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 5: Hacking Hello World x64

This chapter covers the dynamic reverse engineering analysis, hacking, of the Hello World app in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 6: Directories

This chapter covers reviewing the Windows API CreateDirectoryW and RemoveDirectoryW functions in C.

-> Click HERE to read the FREE pdf book.

Chapter 7: Debugging Directories x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 8: Hacking Directories x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 9: Debugging Directories x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 10: Hacking Directories x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 11: CopyFile

This chapter covers reviewing the Windows API CopyFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 12: Debugging CopyFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CopyFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 13: Hacking CopyFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CopyFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 14: Debugging CopyFile x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CopyFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 15: Hacking CopyFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CopyFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 16: MoveFile

This chapter covers reviewing the Windows API MoveFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 17: Debugging MoveFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API MoveFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 18: Hacking MoveFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API MoveFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 19: Debugging MoveFile x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API MoveFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 20: Hacking MoveFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API MoveFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 21: CreateFile

This chapter covers reviewing the Windows API CreateFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 22: Debugging CreateFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 23: Hacking CreateFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 24: Debugging CreateFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

BOOK IS UNDER DEVELOPMENT

License

Apache License, Version 2.0

Owner
Kevin Thomas
Senior Software Engineer in Test
Kevin Thomas
Similar Resources

A small arcade game utilizing the Raspberry Pi Pico and 20 arcade buttons!

Pico Light Arcade This is the code for the Pico Light Arcade game that can be seen here: https://twitter.com/ghidraninja/status/1422900329369178113 Ha

Feb 21, 2022

An experimental sprite rendering setup utilizing SSBO's, Threading, EnTT reactive systems, and array-textures based sprite caching.

entt-reactive An experimental sprite rendering setup utilizing pooled SSBO's, a multithreaded setup based on Even Todd's The Poor Man's Threading Arch

Apr 29, 2022

Multipurpose malware framework utilizing vk.com as c2

Multipurpose malware framework utilizing vk.com as c2

Chimera Loader Multi-purpose malware / updater framework About The Project Chimera loader previously Strator currently serving as a vk.com loader has

Sep 15, 2022

BMI_automatics-faceshielding-device - this is a project utilizing STM32, MATLAB,Softmax classifier to achieve a portable face shielding(mask) device

BMI_automatics-faceshielding-device this is a project utilizing STM32, MATLAB,Softmax classifier to achieve a portable face shielding(mask) device in

Dec 23, 2021

Block Cipher Reverse Engineering: A Challenge by Nintendo European Research & Development

Block Cipher Reverse Engineering: A Challenge by Nintendo European Research & Development

My algorithm cracks NERD HireMe for any output within 1 Second without Brute-Force! Read more if you want to find out how this was accomplished or execute this algorithm yourself on Wandbox - Online C++ Compiler

Nov 15, 2021

IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.)

IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.)

IDA Debug Bridge IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.) By synchron

Sep 5, 2022

IDA Pro key checker tool

IDA Key Checker IDA Pro (6.x-7.x) key checker tool Usage A list of available options can be retrieved using: ida_key_checker --help Arguments: Option

Oct 27, 2022

IDA StrikeOut: A Hex-Rays decompiler plugin to patch the Ctree

IDA StrikeOut: A Hex-Rays decompiler plugin to patch the Ctree

StrikeOut is an plugin for the Hex-Rays Decompiler. It allows you to delete (hide) statements from the AST, thus simplifying the pseudocode output. This is a useful scenario when you are dealing with lots of junk code or code that don't necessarily increase your understanding of the pseudocode.

Aug 11, 2022

Yet Another Ghidra Integration for IDA

Yet Another Ghidra Integration for IDA

Yagi Yet Another Ghidra Integration for IDA Overview Yagi intends to include the wonderful Ghidra decompiler into both IDA pro and IDA Free. 📦 You ca

Nov 27, 2022
Comments
  • Hacking_Windows_ALPHA.pdf errors

    Hacking_Windows_ALPHA.pdf errors

    On page 5, "We also use the stdcall Win32 callign" calling misspelled.

    On page 5 it says, "Our first Win32API that we will call is the ExitProcess which simply exits the application and frees up the operation to the Windows OS." But that is the second function called, MessageBoxA is the first.

    On page 6, "The first param is HWND hWnd which is a handle to the owner of the window of the message box to be created and in our case it is NULL meaning the message bhas has no owner." "has" or "box has" misspelled.

Step-by-step guide through the abstract and complex universe of Fragment Shaders.

The Book of Shaders by Patricio Gonzalez Vivo and Jen Lowe This is a gentle step-by-step guide through the abstract and complex universe of Fragment S

Nov 30, 2022
exp2swift translator which translates STEP schema files described in ISO 10303-11 STEP EXPRESS language to the Swift programing language.

STEPswiftcode/ exp2swift exp2swift translator which translates STEP schema files described in ISO 10303-11 STEP EXPRESS language to the Swift programi

Jan 3, 2022
A step by step example of creating your own React Native TurboModule.

Discovering Turbo Modules Note: This example was made in RN 0.63. Some things have changed since then, but the good news is that now the setup should

Nov 14, 2022
This repo contains BOTH c++ and BP examples to acheive the same logic, but in each frameworks specific ways

ApparatusCppMoveRandomly Hey there! This repo contains BOTH c++ and BP examples to acheive the same logic, but in each frameworks specific ways. I int

Jan 24, 2022
A D++ Discord Bot template for Visual Studio 2019 (x64 and x86)

D++ Windows Bot Template A D++ Discord Bot template for Visual Studio 2019 (x64 and x86, release and debug). The result of this tutorial. This templat

Nov 29, 2022
A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.

manual-syscall-detect A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks. Description A full write-up of this to

Nov 17, 2022
Vmpfix - Universal x86/x64 VMProtect 2.0-3.X Import fixer
Vmpfix - Universal x86/x64 VMProtect 2.0-3.X Import fixer

vmpfix VMPfix is a dynamic x86/x64 VMProtect 2.0-3.x import fixer. The main goal of this project was to build correct and reliable tool to fix imports

Nov 23, 2022
The purpose of these streams is to be educational and entertaining for viewers to learn about systems architecture, reverse engineering, software security, etc., and NOT to encourage nor endorse malicious game hacking.
The purpose of these streams is to be educational and entertaining for viewers to learn about systems architecture, reverse engineering, software security, etc., and NOT to encourage nor endorse malicious game hacking.

Memestream This repository holds the code that I develop during my live game "modding" ?? sessions. When I stream, I like to speedrun making a success

Jul 6, 2022
A port of the Linux x86 IOLI crackme challenges to x86-64

This is a port of the original Linux x86 IOLI crackme binaries to x86-64. The original set of IOLI crackmes can be found here: https://github.com/Maij

Mar 19, 2022
foxBMS is a free, open and flexible development environment to design battery management systems.

foxBMS is a free, open and flexible development environment to design battery management systems. It is the first modular open source BMS development platform.

Nov 22, 2022