| Knowledge Area | Recommendations | |
|---|---|---|
| ASM x86 & WinDbg | Get yourself familiar with x86 assembly. | |
| | Learn how to call Win32 APIs from assembly. | |
| | Understand the use case of each register (why it's EAX, not EBX). | |
| | Customize and save your WinDbg workspace according to the binary/attack you are working on. | |
| | Get familiar with common WinDbg commands, such as: | |
| | 1. Search for bytes, ANSI, ASCII, DWORDs, etc. in memory. | |
| | 2. Show specific memory permissions (read, write, execute). | |
| | 3. Manually explore PE headers and sections. | |
| | 4. List the loaded modules. | |