Jumpstart your career in Reverse Engineering

Do you like to break things down bit by bit to see how they actually work?

Source

Introduction

According to Wikipedia, Reverse engineering (also known as backward engineering or back engineering) is a process or method through the application of which one attempts to understand through deductive reasoning how a device, process, system, or piece of software accomplishes a task with very little (if any) insight into exactly how it does so.

History of RE

Reverse engineering has its origins in the analysis of hardware for commercial or military advantage. This dates back to the Cold War and the 2nd World War.

The most notable technology during the Second World War is when Polish and British cryptographers studied captured German ” Enigma” message encryption machines for weaknesses. Their operation was then simulated on electromechanical devices, “bombes, which tried all the possible scrambler settings of the “Enigma” machines that helped the breaking of coded messages that had been sent by the Germans.

RE in today's world

Some of the reasons why RE exists nowadays and its usage is increasing each year. Some of the uses include but not limited to malware analysis, security/vulnerability research, legacy application support, compatibility fixes, and driver development.

With the increment in the knowledge and need for Reverse engineers, most of the jobs are in vulnerability R&D or malware analysis. A good option could be working for a company researching new threats and heuristic detection methods.

Skills and certifications

Generally, one must be proficient with debugging and analysis tools. One also needs to be able to work in a team environment and understand multiple processing languages.

Cyber reverse engineers need at least a Bachelor’s Degree in Computer Science, Computer Engineering, or an IT-related field.

A. Watch our Youtube playlist about Day in the life of a Reverse Engineer.

A day in the life of a reverse engineer.

B. Courses offered at eKRAAL. This is a list of some of the introductory courses one can undertake to jumpstart a career in RE.

1. Malware & Memory Deep Dive Workshop by Ec Council. This course assumes a basic understanding of PC’S, networks, and basic forensics. The purpose is to teach students essential memory forensics.
2. Computer Hacking Forensic Investigator (CHFI) by Ec Council. This course covers knowledge of digital forensic techniques and standard forensic tools to collect the intruder’s footprints necessary for his investigation.
3. Dark Web Forensics Deep Dive Workshop by Ec Council. This is an in-depth workshop on Dark web Forensics investigations including technical details of how the dark web/TOR works and a tour of actual dark web markets.
4. Introduction to IoT by Cisco. Those who invest in learning IoT (Internet of Things) skills can help transform any business in any industry, from manufacturing to saving endangered species.
5. PCAP: Programming Essentials in Python by Cisco. Learn Python, the language for IoT.
6. Certified Application Security Engineer (CASE JAVA/CASE .NET) by Ec Council. Focuses on secure application software development processes. It is a hands-on, comprehensive application security course that will help you create secure application software.

C. Other related Courses in RE:

1. Pluralsight; Getting Started with Reverse Engineering
2. Institute of Information Security; Reverse Engineering Training

D. Blogs and books to check out,

1. Open Security Training
2. Azeria Labs
3. Think in geek
4. Github

E. Books:

1. Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
2. iOS App Reverse Engineering
3. Reverse Engineering for Beginners
4. Reversing: Secrets of Reverse Engineering

F. Platforms to practice your skills.

1. Root me
2. Hack the box
3. Crackmes.one

G. Tools. You can find a list of popular tools here: https://devcount.com/ios-pentesting-tools/

This article is written by Sheila Kirui & Shay Njogu, both working at eKRAAL Innovation Hub.

Sheila is a Cybersecurity Researcher and the Aspire(mentorship program) team, Coordinator. She enjoys baking and you will find her enjoying these delicious treats on the weekends.

Ms. Njogu is a digital marketing strategist and copywriter with keen interest matters cybersecurity and safety online. She sometimes shares her insights and safety practices on Medium and Twitter.