If you had always wanted to learn how software protection works and how to use x64dbg to unpack them, then this is the course for you. This course is an introduction to Software Protection for anyone who wants to get started in this field. It is suitable for software developers who want to learn how to protect their software and also for reverse engineers who want to fix bugs where the source code is not available.
You will learn how to use x64dbg to unpack Crackmes protected with packing and anti-debugging. A CrackMe is a small program designed to test a programmer’s reverse engineering skills.
What you will learn
- How to set hardware breakpoints and analyze the unpacking header stub
- Dumping unpacked executable from memory
- Fixing Import Address Tables (IAT) after dumping memory.
- Modify program behaviour
- Patching programs
- Creating loaders for process patching
- What if the program cannot be unpacked
- 3 techniques to unpack multiple protections
Prerequisites:
Before taking this course, you should already be familiar with how to use x64dbg.
Money back guarantee:
This course is backed by a 30-day money back guarantee. So, go ahead and enroll in this course now and start reverse engineering and debugging programs the fun and easy way!
Introduction
Introduction
Introduction to Software Protection
Introduction to Software Protection
Downloading CrackMe 11
Downloading CrackMe 11
Examining the packer protection
Examining the packer protection
Unpacking the packed program
Unpacking
Patching the dumped file
Patching the dumped file
Introduction to Loaders
Introduction to Loaders
Creating a Loader
Creating a Loader
Introduction to Anti-Debugging Protection
Introduction to Anti-Debugging Protection
Downloading CrackMe 12
Downloading CrackMe 12
Patching Anti-Debugging API calls
Patching Anti-Debugging API calls
Installing the Scylla Hide plugin for anti-anti-debugging
Installing the Scylla Hide plugin for anti-anti-debugging
Using ScyllaHide to hide the debugger
Using ScyllaHide to hide the debugger
Introduction to multiple software protection
Introduction to multiple software protection
3 ways to reverse engineer multiple protections
3 ways to reverse engineer multiple protections
Technique #1: Hiding debugger and using loader for process patching
Technique #1: Hiding debugger and using loader for process patching
Technique #2: Hiding debugger, unpack then patch
Technique #2: Hiding debugger, unpack then patch
Technique #3: Hiding debugger, then do Serial Phising
Resources for Further Study
Bonus Lecture