Basics of Reverse Engineering Winter 2022

Dartmouth CS69.16 "Basics of Reverse Engineering" course materials will be available in this public repository.

Draft syllabus. Please note that this is a draft. Although the focus and pre-requisites of the course will not change, week-by-week topics and activities will likely go through several rounds of changes, to accommodate student backgrounds and requests.

This is a brand-new course, in a rapidly changing technical field. We'll be experimenting and adjusting course materials as we go.

Day 1 slides

Day 1 readings and notes

Day 1 examples and homework

Day 2 slides

Day 2 readings and notes

Day 2 examples, homework, and a resolution for the in-class embarrassing dynamic linking mystery.

Notes from the X-hour: local vs global variables and related topics. I also posted notes on compilation, optimization, and a hello world disassembly example, based on the x86 MacOS binary environment.
Day 5: Signed arithmetic and basic syscalls, simple shellcode, with examples. Videos from Day 5: Part 1 and Part 2.
Day 6: Notes on switches and a quick Introduction to C++ compilation. See also examples/
X-hour on C++ disassembly in Ghidra: slides (look for the recorded video link in email).
Notes on C++ inheritance implementation and artifacts.
Travis Goodspeed guest lecture.

Notes on loading raw binaries in Ghidra (the lost part of the X-hour video).

Notes on Ghidra analysis of a GBA ARM v4t ROM
Notes on Ghidra's Sleigh CPU/instruction definitions and P-code (teaching Ghidra to recognize, disassemble, and decompile a GBA instruction it considers invalid out of the box).
Example GBA automation script from the cancelled X-hour. We'll revisit it in class on Tuesday.
Robert Graham's invited talk slides
GhidraScript and class hierarchy notes
Notes from the X-hour on matching native instruction by scripting and the ad hoc plugin to do it.
Firmware Carving slides from the River Loop Security invited talk.
Invited talk Program Analysis With Ghidra by Alexei Bulazel, with Ghidra script code.
Slides from invited X-hour talk by Jacob Torrey.
Slides from invited talk by Sophia D'Antoine.