The most important first step when learning to reverse engineer is to not be intimidated. Nothing captures this overwhelming feeling better than opening a debugger to face a sea of hexadecimal and assembly. After all, we’re trying to understand systems that are either not meant to be understood or specifically designed to confuse us. In this module, we'll learn some core concepts by working through various x86 examples.
I should note that what we’ll be doing here isn’t necessarily the first step in the reverse engineering process. You can get quick wins from running your sample through a sandbox, extracting strings, etc. But this is the most fruitful step, as we gain a deeper understanding of a malware sample’s design and capabilities, which in turn helps us develop more resilient defenses.