A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

Overview

image

FREE Reverse Engineering Self-Study Course HERE


Hacking Windows

The book and code repo for the FREE Hacking Windows book by Kevin Thomas.

FREE Book

Download

Chapter 1: Hello World

This chapter covers the basics of designing a very simple Windows Assembly Language message box program in pure Assembly for both x86 and x64 architectures.

-> Click HERE to read the FREE pdf book.

Chapter 2: Debugging Hello World x86

This chapter covers the dynamic reverse engineering analysis, debugging, of the Hello World app in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 3: Hacking Hello World x86

This chapter covers the dynamic reverse engineering analysis, hacking, of the Hello World app in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 4: Debugging Hello World x64

This chapter covers the dynamic reverse engineering analysis, debugging, of the Hello World app in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 5: Hacking Hello World x64

This chapter covers the dynamic reverse engineering analysis, hacking, of the Hello World app in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 6: Directories

This chapter covers reviewing the Windows API CreateDirectoryW and RemoveDirectoryW functions in C.

-> Click HERE to read the FREE pdf book.

Chapter 7: Debugging Directories x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 8: Hacking Directories x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 9: Debugging Directories x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 10: Hacking Directories x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateDirectoryW and RemoveDirectoryW functions in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 11: CopyFile

This chapter covers reviewing the Windows API CopyFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 12: Debugging CopyFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CopyFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 13: Hacking CopyFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CopyFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 14: Debugging CopyFile x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CopyFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 15: Hacking CopyFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CopyFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 16: MoveFile

This chapter covers reviewing the Windows API MoveFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 17: Debugging MoveFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API MoveFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 18: Hacking MoveFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API MoveFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 19: Debugging MoveFile x64

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API MoveFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 20: Hacking MoveFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API MoveFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 21: CreateFile

This chapter covers reviewing the Windows API CreateFileW function in C.

-> Click HERE to read the FREE pdf book.

Chapter 22: Debugging CreateFile x86

This chapter covers dynamic reverse engineering analysis, debugging, the Windows API CreateFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 23: Hacking CreateFile x86

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateFileW function in x86 Assembly.

-> Click HERE to read the FREE pdf book.

Chapter 24: Debugging CreateFile x64

This chapter covers dynamic reverse engineering analysis, hacking, the Windows API CreateFileW function in x64 Assembly.

-> Click HERE to read the FREE pdf book.

BOOK IS UNDER DEVELOPMENT

License

Apache License, Version 2.0

You might also like...
A small arcade game utilizing the Raspberry Pi Pico and 20 arcade buttons!

Pico Light Arcade This is the code for the Pico Light Arcade game that can be seen here: https://twitter.com/ghidraninja/status/1422900329369178113 Ha

An experimental sprite rendering setup utilizing SSBO's, Threading, EnTT reactive systems, and array-textures based sprite caching.

entt-reactive An experimental sprite rendering setup utilizing pooled SSBO's, a multithreaded setup based on Even Todd's The Poor Man's Threading Arch

Multipurpose malware framework utilizing vk.com as c2
Multipurpose malware framework utilizing vk.com as c2

Chimera Loader Multi-purpose malware / updater framework About The Project Chimera loader previously Strator currently serving as a vk.com loader has

BMI_automatics-faceshielding-device - this is a project utilizing STM32, MATLAB,Softmax classifier to achieve a portable face shielding(mask) device

BMI_automatics-faceshielding-device this is a project utilizing STM32, MATLAB,Softmax classifier to achieve a portable face shielding(mask) device in

Block Cipher Reverse Engineering: A Challenge by Nintendo European Research & Development
Block Cipher Reverse Engineering: A Challenge by Nintendo European Research & Development

My algorithm cracks NERD HireMe for any output within 1 Second without Brute-Force! Read more if you want to find out how this was accomplished or execute this algorithm yourself on Wandbox - Online C++ Compiler

IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.)
IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.)

IDA Debug Bridge IDA Debugger Module to Dynamically Synchronize Memory and Registers with third-party Backends (Tenet, Unicorn, GDB, etc.) By synchron

IDA Pro key checker tool

IDA Key Checker IDA Pro (6.x-7.x) key checker tool Usage A list of available options can be retrieved using: ida_key_checker --help Arguments: Option

IDA StrikeOut: A Hex-Rays decompiler plugin to patch the Ctree
IDA StrikeOut: A Hex-Rays decompiler plugin to patch the Ctree

StrikeOut is an plugin for the Hex-Rays Decompiler. It allows you to delete (hide) statements from the AST, thus simplifying the pseudocode output. This is a useful scenario when you are dealing with lots of junk code or code that don't necessarily increase your understanding of the pseudocode.

Yet Another Ghidra Integration for IDA
Yet Another Ghidra Integration for IDA

Yagi Yet Another Ghidra Integration for IDA Overview Yagi intends to include the wonderful Ghidra decompiler into both IDA pro and IDA Free. 📦 You ca

Comments
  • Hacking_Windows_ALPHA.pdf errors

    Hacking_Windows_ALPHA.pdf errors

    On page 5, "We also use the stdcall Win32 callign" calling misspelled.

    On page 5 it says, "Our first Win32API that we will call is the ExitProcess which simply exits the application and frees up the operation to the Windows OS." But that is the second function called, MessageBoxA is the first.

    On page 6, "The first param is HWND hWnd which is a handle to the owner of the window of the message box to be created and in our case it is NULL meaning the message bhas has no owner." "has" or "box has" misspelled.

    opened by HadManySons 2
Owner
Kevin Thomas
Senior Software Engineer in Test
Kevin Thomas
Step-by-step guide through the abstract and complex universe of Fragment Shaders.

The Book of Shaders by Patricio Gonzalez Vivo and Jen Lowe This is a gentle step-by-step guide through the abstract and complex universe of Fragment S

Patricio Gonzalez Vivo 4.9k Jan 2, 2023
exp2swift translator which translates STEP schema files described in ISO 10303-11 STEP EXPRESS language to the Swift programing language.

STEPswiftcode/ exp2swift exp2swift translator which translates STEP schema files described in ISO 10303-11 STEP EXPRESS language to the Swift programi

Tsutomu Yoshida 1 Jan 3, 2022
A step by step example of creating your own React Native TurboModule.

Discovering Turbo Modules Note: This example was made in RN 0.63. Some things have changed since then, but the good news is that now the setup should

Bartłomiej Klocek 96 Dec 5, 2022
This repo contains BOTH c++ and BP examples to acheive the same logic, but in each frameworks specific ways

ApparatusCppMoveRandomly Hey there! This repo contains BOTH c++ and BP examples to acheive the same logic, but in each frameworks specific ways. I int

null 2 Jan 24, 2022
A D++ Discord Bot template for Visual Studio 2019 (x64 and x86)

D++ Windows Bot Template A D++ Discord Bot template for Visual Studio 2019 (x64 and x86, release and debug). The result of this tutorial. This templat

brainbox.cc 28 Dec 24, 2022
A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.

manual-syscall-detect A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks. Description A full write-up of this to

Conor Richard 72 Dec 26, 2022
Vmpfix - Universal x86/x64 VMProtect 2.0-3.X Import fixer

vmpfix VMPfix is a dynamic x86/x64 VMProtect 2.0-3.x import fixer. The main goal of this project was to build correct and reliable tool to fix imports

Pavel 195 Dec 28, 2022
The purpose of these streams is to be educational and entertaining for viewers to learn about systems architecture, reverse engineering, software security, etc., and NOT to encourage nor endorse malicious game hacking.

Memestream This repository holds the code that I develop during my live game "modding" ?? sessions. When I stream, I like to speedrun making a success

Stephen Tong 28 Jul 6, 2022
A port of the Linux x86 IOLI crackme challenges to x86-64

This is a port of the original Linux x86 IOLI crackme binaries to x86-64. The original set of IOLI crackmes can be found here: https://github.com/Maij

Julian Daeumer 4 Mar 19, 2022
foxBMS is a free, open and flexible development environment to design battery management systems.

foxBMS is a free, open and flexible development environment to design battery management systems. It is the first modular open source BMS development platform.

The foxBMS Team 100 Jan 10, 2023