Skip to content

Latest commit

 

History

History
42 lines (28 loc) · 1.35 KB

File metadata and controls

42 lines (28 loc) · 1.35 KB

Reverse Engineering Writeups

Static and dynamic analysis writeups for HackTheBox and TryHackMe RE challenges.
Covers ELF binaries, PE malware, crackmes, and anti-debug bypass techniques.


Toolchain

Tool Role
Ghidra Decompilation, cross-reference analysis, function graphing
radare2 Disassembly, scripted analysis, binary patching
x64dbg Dynamic analysis on Windows PE, breakpoint-based bypass
dnSpy64 .NET assembly decompilation and runtime patching
gdb ELF runtime debugging, register inspection

Methodology

Each writeup follows the same structure:

  1. Triagefile, strings, checksec, entropy check
  2. Static Analysis — Ghidra/radare2 disassembly, identify key functions, control flow
  3. Dynamic Analysis — Run under debugger, trace syscalls/library calls, set breakpoints
  4. Findings — Document the vulnerability, bypass, or flag logic
  5. Solution — Minimal reproducible steps (script or manual)

Screenshots and annotated disassembly included in each writeup.


Skills Demonstrated

ELF reversing PE analysis malware static analysis
Ghidra radare2 x64dbg patching .NET decompilation gdb


All challenges are from legal CTF platforms (HackTheBox, TryHackMe).
Research conducted for educational and skill-development purposes.