whatisgithub

What is reverse-engineering?

wtsxdev/reverse-engineering — explained in plain English

Analysis updated 2026-06-24

10,081Audience · developerComplexity · 1/5Setup · easy

In one sentence

A curated list of books, courses, tools, and practice platforms for learning reverse engineering, malware analysis, and binary analysis, organized by topic and tool type.

Mindmap

mindmap
  root((reverse-engineering))
    Learning Resources
      Books
      Courses
      Practice platforms
    Static Analysis
      Hex editors
      Disassemblers
      Binary frameworks
    Dynamic Analysis
      Sandboxes
      Process monitors
      Network simulators
    Specialties
      Android tools
      Malware classification
      Document analysis
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Find and compare disassemblers like IDA Pro, GHIDRA, and Binary Ninja to pick the right tool for analyzing a compiled executable.

USE CASE 2

Follow a structured learning path for CTF reverse engineering challenges using the linked books and practice platforms.

USE CASE 3

Set up a Cuckoo sandbox to safely run and observe suspicious files in an isolated environment.

USE CASE 4

Learn Android app reversing or .NET bytecode analysis using the category-specific tools and courses listed.

How does it compare?

wtsxdev/reverse-engineeringtarscloud/tarsdevhubapp/devhub
Stars10,08110,08010,083
LanguageC++TypeScript
Setup difficultyeasyhardmoderate
Complexity1/54/53/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

So what is it?

This repository is a curated list of learning materials and tools for reverse engineering, which is the practice of analyzing software (or other systems) to understand how they work, typically without access to the original source code. Security researchers, malware analysts, and participants in capture-the-flag (CTF) competitions use reverse engineering to understand programs, find vulnerabilities, or analyze suspicious files. The list is organized into categories. The Books section includes titles covering assembly language, practical malware analysis, Windows internals, iOS app reversing, and exploitation techniques. The Courses section links to training from universities, security organizations like SANS and Offensive Security, and conference workshops like Blackhat and REcon. The Tools sections cover different stages of analysis. Hex editors let you inspect the raw bytes of any file. Disassemblers like IDA Pro, GHIDRA, Radare, and Binary Ninja convert compiled machine code back into human-readable assembly. Binary analysis frameworks like angr and bap automate parts of the analysis. For dynamic analysis (running a program and watching what it does), the list includes process monitors, network simulators like iNetSim, memory acquisition tools, and the Cuckoo sandbox, which runs suspicious files in an isolated environment and records their behavior. The Practice section points to platforms where you can try reverse engineering exercises in a legal, controlled setting: sites like Crackmes.de, Flare-on challenges run by Mandiant, and CTF archives on GitHub. A note in that section warns to be careful with malware samples. Additional categories cover Android-specific tools, bytecode analysis for Java and .NET, Yara rule writing for malware classification, and document analysis tools for examining malicious PDFs or Office files.

Copy-paste prompts

Prompt 1
Using GHIDRA from the wtsxdev reverse-engineering list, walk me through disassembling a Windows EXE and identifying its main function and key strings.
Prompt 2
I want to start solving CTF reverse engineering challenges. Which tools from this repo should I install first and in what order for a beginner?
Prompt 3
Help me set up a Cuckoo sandbox using the dynamic analysis tools listed in this repo to analyze a suspicious file and capture its network traffic.
Prompt 4
Using the Yara resources from this list, write a Yara rule that detects a ransomware family based on specific string patterns in the binary.

Frequently asked questions

What is reverse-engineering?

A curated list of books, courses, tools, and practice platforms for learning reverse engineering, malware analysis, and binary analysis, organized by topic and tool type.

How hard is reverse-engineering to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is reverse-engineering for?

Mainly developer.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.