hey, I know lots of infosec people follow me
would anyone be willing to teach me some reverse engineering?
I figured out most of the init code, entry points, etc. in a binary, but the logic is completely incomprehensible to me even after many days
binaries are not my focus (I RE mostly JS), but a debugger and a profiler are also very effective RE tools; for example, you can identify an application tick by looking at short-lived CPU spikes in a flame graph
breakpoints in a system call you know is getting invoked can also be a good way of finding the core "tick" stack
or you proxy a function to use it as a log tap (the binary equivalent would probably be overriding a syscall)