逆向工程学习资料
转自:http://samdmarshall.com/re.html
Reverse Engineering Resources
Debugging
These are very important guides for understanding the debugging process and how applications work.
- Mac OS X Debugging Magic Technical Note (TN2124) (link - PDF Mirror)
- iOS Debugging Magic Technical Note (TN2239) (link - PDF Mirror)
- Understanding and Analyzing iOS Application Crash Reports (TN2151) (link - PDF Mirror)
- Malloc Debug Environment Variables (link - PDF Mirror)
Mach-O Binaries
Mac OS X and iOS use Mach-O file format for executable binaries and shared libraries. It supports multiple architectures in one binary file (Universal or fat binaries).
- Mach-O Wikipedia (link)
- OS X ABI Mach-O File Format Reference (link - PDF - PDF Mirror)
- Mach-O Programming Topics (link - PDF - PDF Mirror)
Analysis
Guides and introductory material to binary analysis.
- Analyzing Binaries with Hopper (link)
System ABIs
Calling conventions define how functions and subroutines receive the parameters passed to them from the calling function.
- ABI Wikipedia (link)
- Calling Conventions Wikipedia (link)
- Mac OS X ABI (link - PDF - PDF Mirror)
- iOS ABI (link - PDF - PDF Mirror)
- Dynamic Library Programming Topics (link - PDF - PDF Mirror) (Companion File - Companion File Mirror)
- OS X ABI Dynamic Loader Reference (link - PDF - PDF Mirror)
Language Resources
Language specific knowledge is often required to understand what is going on behind the scenes.
- Intel x86 Architecture (PDF - PDF Mirror)
- Introduction to x64 Assembly (PDF - PDF Mirror)
- ARM Architecture for ARMv7 (PDF Mirror)
- OS X Assembler Reference (link - PDF - PDF Mirror)
- Learn C The Hard Way (link)
- The C Library Reference Guide (link)
- Objective-C Language (link - PDF - PDF Mirror)
- Objective-C Runtime (link - PDF - PDF Mirror)
Further Reading
Collection of blogs and reading resources that give deep insight into how many aspects of languages and system functionality.
- NSBlog (link)
- Reverse Engineering Mac OS X (link)
- Landon's Blog (link)
- OS X Internals (link)
- Greg Parker's Blog (link)
- Ridiculous Fish (link)
- Snare's Blog (link)
- To The Apple's Core (link)
- The Objective-C Runtime: Understanding and Abusing (link)
Tools
Mach-O Binary Analyzers:
- MachOViewer (Homepage)
Hex Editors:
Disassemblers:
Decompilers:
- Hopper (Homepage)
- Hex-Rays (Homepage)
- classdump (Homepage)
- codedump (i386) (Source ZIP)
Debuggers:
Memory Editors:
Various Command Line Tools:
- nm (man page)
- strings (man page)
- dsymutil (man page)
- install_name_tool (man page)
- ld (man page)
- lipo (man page)
- codesign (man page)
- hexdump (man page)
- dyld_shared_cache (link)
- vbindiff (link)
- binwalk (link)
- xpwntool (link)
- objdump (link)