Reverse Engineering Fundamentals

When a deeper understanding of a binary is needed than running it and watching its behaviour can give, reverse engineering the code itself supplies the missing detail. The building blocks are the instruction set and the two mainstream disassemblers:

Assembly Language Basics:

; Common x86 (32-bit) instructions, with the semantics a reverser needs
mov eax, 0x41414141    ; Load a 32-bit immediate into EAX (0x41 = 'A', a typical test pattern)
push ebp               ; Save the caller's base pointer on the stack (function prologue)
call 0x401000          ; Push the return address, then jump to the function at 0x401000
jmp 0x401100           ; Unconditional jump; no return address is pushed
cmp eax, 0             ; Compute EAX - 0 and set the flags only (ZF = 1 if EAX == 0); EAX is unchanged
jnz 0x401200           ; Jump if ZF == 0, i.e. if EAX != 0 (same encoding as jne)

IDA Pro Navigation:

  • F5: Decompile the current function to C-like pseudocode (requires the Hex-Rays decompiler plugin; without it F5 does nothing)
  • X: List cross-references to the function, variable or label under the cursor
  • N: Rename the function, variable or label under the cursor
  • Space: Toggle between graph view and linear text view of the disassembly
  • G: Jump to an address or a named location
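
The following is an added example, not code from the original page or from any disassembler project: a small Python decoder for exactly the encodings behind the listing above (mov eax, imm32; push/pop ebp; call/jmp rel32; cmp eax, imm8; jz/jnz in rel8 and rel32 form; ret). It shows the point the listing hides: call and jump operands are stored as displacements relative to the next instruction, so the absolute targets a disassembler prints depend on the load address, and the cross-references behind IDA's X command are simply those branch targets collected across the listing. The byte sample is constructed, not taken from a real binary, and its addresses mirror the listing's.

```python
"""Added example: decode the x86-32 encodings used in the listing above and
resolve their IP-relative branch targets. Illustration code, not from the page
or from any disassembler; the byte sample below is constructed."""
import struct

# Branch opcodes handled here: opcode -> mnemonic
REL8 = {0xEB: "jmp", 0x74: "jz", 0x75: "jnz"}     # one-byte opcode + rel8
REL32 = {0xE8: "call", 0xE9: "jmp"}               # one-byte opcode + rel32
REL32_0F = {0x84: "jz", 0x85: "jnz"}              # two-byte opcode 0F 8x + rel32


def decode(code, base):
    """Return a list of (address, length, text) for `code` loaded at `base`.
    Only the opcodes used in this section are handled; anything else raises."""
    insns = []
    off = 0
    try:
        while off < len(code):
            ip = base + off
            b = code[off]
            if b == 0xB8:                                   # B8 imm32: mov eax, imm32
                imm, = struct.unpack_from("<I", code, off + 1)
                n, text = 5, "mov eax, 0x%08x" % imm
            elif b == 0x55:
                n, text = 1, "push ebp"
            elif b == 0x5D:
                n, text = 1, "pop ebp"
            elif b == 0xC3:
                n, text = 1, "ret"
            elif b == 0x83 and code[off + 1] == 0xF8:       # 83 /7 ib, ModRM F8 = eax: cmp eax, imm8
                imm, = struct.unpack_from("<b", code, off + 2)   # imm8 is sign-extended
                n, text = 3, "cmp eax, %d" % imm
            elif b in REL32:                                # target = next_ip + rel32
                rel, = struct.unpack_from("<i", code, off + 1)
                n = 5
                text = "%s 0x%x" % (REL32[b], (ip + n + rel) & 0xFFFFFFFF)
            elif b == 0x0F and code[off + 1] in REL32_0F:   # 0F 84/85 rel32
                rel, = struct.unpack_from("<i", code, off + 2)
                n = 6
                text = "%s 0x%x" % (REL32_0F[code[off + 1]], (ip + n + rel) & 0xFFFFFFFF)
            elif b in REL8:                                 # short form, signed 8-bit displacement
                rel, = struct.unpack_from("<b", code, off + 1)
                n = 2
                text = "%s 0x%x" % (REL8[b], (ip + n + rel) & 0xFFFFFFFF)
            else:
                raise ValueError("unsupported opcode 0x%02x at 0x%x" % (b, ip))
            insns.append((ip, n, text))
            off += n
    except (struct.error, IndexError):
        # Operand bytes run past the end of the buffer: a truncated instruction
        raise ValueError("truncated instruction at 0x%x" % (base + off))
    return insns


def xrefs_to(insns):
    """Map each branch target to the addresses that reference it: the data
    behind a disassembler's cross-reference view."""
    refs = {}
    for addr, _, text in insns:
        mnemonic, _, operand = text.partition(" ")
        if mnemonic in ("call", "jmp", "jz", "jnz"):
            refs.setdefault(int(operand, 16), []).append(addr)
    return refs


# Constructed sample (not from a real binary), intended to load at 0x401000
SAMPLE = bytes.fromhex(
    "B841414141"    # 0x401000  mov eax, 0x41414141
    "55"            # 0x401005  push ebp
    "E8F5000000"    # 0x401006  call 0x401100   rel32 = 0x401100 - 0x40100B
    "83F800"        # 0x40100B  cmp eax, 0
    "0F85EC010000"  # 0x40100E  jnz 0x401200    rel32 = 0x401200 - 0x401014
    "E9E7000000"    # 0x401014  jmp 0x401100    rel32 = 0x401100 - 0x401019
    "EBE5"          # 0x401019  jmp 0x401000    rel8 = -0x1B (backward branch)
    "5D"            # 0x40101B  pop ebp
    "C3"            # 0x40101C  ret
)

if __name__ == "__main__":
    base = 0x401000
    listing = decode(SAMPLE, base)
    for addr, n, text in listing:
        raw = SAMPLE[addr - base:addr - base + n].hex()
        print("%08x  %-14s %s" % (addr, raw, text))
    for target, sources in sorted(xrefs_to(listing).items()):
        print("xref 0x%x <- %s" % (target, ", ".join("0x%x" % s for s in sources)))
```

Run as-is and the output is a listing with the same targets as the assembly above, followed by the cross-reference table (0x401100 is referenced twice, from the call and the later jmp). Decode the same bytes at a different base and every call and jump target moves with it, which is why an ASLR-loaded or relocated image has to be rebased in the disassembler before addresses from a crash log or debugger line up with it.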

Ghidra Analysis:

# Ghidra Python script example: list every function with the functions that call it.
# Ghidra's built-in Python is Jython 2.7, so f-strings are not available; use % formatting.
# currentProgram and monitor are provided by the script environment (GhidraScript fields).

listing = currentProgram.getListing()
for function in listing.getFunctions(True):      # True = iterate forward in address order
    print("Function: %s at %s" % (function.getName(), function.getEntryPoint()))
    # getCallingFunctions() requires a TaskMonitor so the walk can be cancelled
    for caller in function.getCallingFunctions(monitor):
        print("  Called by: %s" % caller.getName())