Skip to content

> reverse-engineering --techniques --assembly

The reverse engineering knowledge base.

A community-driven catalog of techniques, assembly references and tooling for reverse engineering, decompilation and binary analysis.

131
Techniques
44
Assembly entries
52
Glossary terms

// Category

Packing & Cryptersbeginner
Bundling malware inside a compiled AutoIt executable, where the interpreter stub carries the obfuscated script and payload as appended resources.
windows
Living off the Landintermediate
Attackers abuse the signed esentutl.exe to copy locked files via VSS or pull payloads from remote shares under a trusted Windows binary.
windows
Anti-Analysisbeginner
Malware probes real outbound connectivity and bails when it hits the fake or filtered internet that analysis sandboxes commonly simulate.
windowslinux
Command & Controladvanced
A botnet replaces its central server with a peer-to-peer overlay, so nodes relay commands to each other with no single C2 address to seize.
windowslinux
Living off the Landintermediate
Attackers pass base64-encoded scripts to powershell.exe via -EncodedCommand to obfuscate intent and evade command-line inspection under a trusted shell.
windows
Persistenceintermediate
Attackers replace or redirect accessibility binaries like sethc.exe or utilman.exe so a payload runs from the logon screen with SYSTEM privileges.
windows

Blog