• Post category:StudyBullet-4
  • Reading time:9 mins read

Learn how software protection works from the inside out using the x64dbg debugger

What you will learn

How to unpack programs

Bypass anti-debuggers

Patch programs

Dump memory to files

Use x64dbg debugger

Use ScyllaHide plugin

3 ways to unpack layered protections

What if the program cannot be unpacked

Using loaders for process patching


Get Instant Notification of New Courses on our Telegram channel.


and more….

Screenshots

Reverse Engineering 4: Software Protection - Screenshot_01Reverse Engineering 4: Software Protection - Screenshot_02Reverse Engineering 4: Software Protection - Screenshot_03Reverse Engineering 4: Software Protection - Screenshot_04

Description

If you had always wanted to learn how software protection works and how to use x64dbg to unpack them,  then this is the course for you. This course is an introduction to Software Protection for anyone who wants to get started in this field. It is suitable for software developers who want to learn how to protect their software and also for reverse engineers who want to fix bugs where the source code is not available.

You will learn how to use x64dbg to unpack Crackmes protected with packing and anti-debugging.  A CrackMe is a small program designed to test a programmer’s reverse engineering skills.

What you will learn

  • How to set hardware breakpoints and analyze the unpacking header stub
  • Dumping unpacked executable from memory
  • Fixing Import Address Tables (IAT) after dumping memory.
  • Modify program behaviour
  • Patching programs
  • Creating loaders for process patching
  • What if the program cannot be unpacked
  • 3 techniques to unpack multiple protections

Prerequisites:

Before taking this course, you should already be familiar with how to use x64dbg.

Money back guarantee:

This course is backed by a 30-day money back guarantee.  So, go ahead and enroll in this course now and start reverse engineering and debugging programs the fun and easy way! 

English
language

Content

Introduction

Introduction

Introduction to Software Protection

Introduction to Software Protection

Downloading CrackMe 11

Downloading CrackMe 11

Examining the packer protection

Examining the packer protection

Unpacking the packed program

Unpacking

Patching the dumped file

Patching the dumped file

Introduction to Loaders

Introduction to Loaders

Creating a Loader

Creating a Loader

Introduction to Anti-Debugging Protection

Introduction to Anti-Debugging Protection

Downloading CrackMe 12

Downloading CrackMe 12

Patching Anti-Debugging API calls

Patching Anti-Debugging API calls

Installing the Scylla Hide plugin for anti-anti-debugging

Installing the Scylla Hide plugin for anti-anti-debugging

Using ScyllaHide to hide the debugger

Using ScyllaHide to hide the debugger

Introduction to multiple software protection

Introduction to multiple software protection

3 ways to reverse engineer multiple protections

3 ways to reverse engineer multiple protections

Technique #1: Hiding debugger and using loader for process patching

Technique #1: Hiding debugger and using loader for process patching

Technique #2: Hiding debugger, unpack then patch

Technique #2: Hiding debugger, unpack then patch

Technique #3: Hiding debugger, then do Serial Phising

Technique #3: Hiding debugger, then do Serial Phising

Resources for Further Study

Bonus Lecture