Reverse Engineering: Ghidra For Beginners

Learn Reverse Engineering Using Ghidra On Linux And Windows

Rating: 4.35 (274 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Students: 20,286
Content: 4 hours
Last update: Nov 2021
Regular price: $39.99

What you will learn

Reverse Engineering

Basics of Ghidra

Solving Linux and Windows CrackMes

Understand Windows APIs

Identify Entry Points, Main and WinMain functions

Analyzing using Function Graph and Function Call Trees

Doing String Search and Defined Strings

Windows API

Function Call Graphs

Creating Functions

Converting data types

Editing function signatures

Cross referencing function calls and strings

and more...

Description

If you have never used Ghidra before and want to learn how to get started with using Ghidra to reverse engineer and analyse programs, then this is the course for you.

Ghidra is a strong competitor to IDA Pro and is used by the NSA itself for reverse engineering. Best of all, it is totally free. It is used for reverse engineering, malware analysis and exploit analysis. In this course we will learn Ghidra by solving Linux and Windows CrackMe challenges. A CrackMe is a small program designed to test a programmer's reverse engineering skills. This course is an introduction to reverse engineering for anyone who wants to get started in this field. It is suitable for software developers who want to learn how software works internally and also for reverse engineers who want to understand how Linux and Windows binaries work. This course will equip you with the knowledge and skill to use Ghidra in addition to whatever other tools you might already be familiar with. It is also suitable for absolute beginners with no knowledge of reversing, as I will take you from zero to basics.

I will start off by showing you how to install Oracle VirtualBox, and then how to install the Java SDK and Kali Linux in VirtualBox. Then, we will reverse engineer Linux executable files.

Next, we will move on to installing the Java SDK and Ghidra for Windows, and reverse and analyze Windows programs. You will also learn how to reverse GUI CrackMes. You will learn how to use Function Graphs, Function Call Trees, Search String, Defined Strings and more. The course will also cover how to identify the program entry point and how to find the main function for command line interface apps and WinMain for GUI based apps.

By the end of this course, you will have the basic skills to start reversing and analyzing Linux and Windows binaries.

What you will learn:

  • How to disassemble programs into assembly code

  • How to decompile programs to C code

  • Static Analysis

  • Understand Windows APIs

  • Identify entry points, main and WinMain functions

  • Use String Search and Defined Strings

  • Visualizing the Call Stack using Function Graph and Function Call Trees

  • Solving Crackmes

  • and more ...

Suitable for:

Anyone interested in learning reverse engineering on Linux and Windows executable files.


Content

Introduction

Introduction

Installing Kali Linux and Ghidra

How to Install Kali Linux
How to Create a Shared Folder
Installing Ghidra

Creating Projects and Importing Files

Creating Projects and Importing Files

Decompiling Code and Renaming Symbols

Decompiling Code and Renaming Symbols

Saving and Restoring Virtual Machine Snapshots

Saving and Restoring Virtual Machine Snapshots

Configuring Ghidra to Highlight All Similar Variables Based On Selection

Configuring Ghidra to Highlight All Similar Variables Based On Selection
Understanding Command Line Parameters In Depth

ASCII Code and Hex Numbers

ASCII Code and Hex Numbers

ASCII Code and Array Indexes

ASCII Code and Array Indexes

Stepping into functions and adding comments

Stepping into functions and adding comments
Tracing Return Values

Ghidra on Windows

Installing a Windows Virtual Machine
Installing Java SDK On Windows
Installing Ghidra, Creating Shortcuts and Changing Icons

Reversing Workflows

Reversing Workflows

Reversing GUI CrackMe's

Reversing GUI CrackMe's, Function Graphs, Function Call Trees, WinMain, Strings

Converting data types, Using Debuggers, Creating Functions and Function Graph

Converting data types
Using debuggers to find interesting address to decompile with Ghidra
Creating Functions and Decompiling Assembly

How to run windows exe programs on Linux

How to run windows exe programs on Linux

Reversing using combination of listing assembly and decompiled view

Reversing using combination of listing assembly and decompiled view
Analyzing autogen serial crackme

Resources For Further Study

Bonus Lecture

Reviews

James
May 29, 2022
I did the entire course, following through and understanding everything. Here is my take. This course is absolutely worth taking, on the caveat that it is not your sole resource for learning Ghidra. Though at times it can be difficult to understand what the instructor is saying due to his way of speaking, the main value I find from the course is that it doesn't "tell" you about how to use Ghidra, it walks you through actual programs to reverse and has you follow along so you're learning it hands-on. This course will not teach you C, it will not teach you assembly language, both of which are out of the scope of what this course is meant to do, which is teach you how to use Ghidra on a basic level. For this reason I recommend that after this course, you should use Ghidra's built in class inside the doc folder to get a more formal overview of all the features and their usage, since you will now have the practical skills taught by Paul and can go over some more dry reading of Ghidra and its use, including the manual itself. Paul's course was valuable to me and did what it set out to do, and now I'm taking his CSL course to get even more experience to supplement the theory I get from other sources. The hardest part of learning something is getting started doing it yourself, and Paul's courses definitely get you using the software in practical ways. If you want to learn Ghidra in a hands-on way instead of just watching or reading it, this is the course for you... just be ready to supplement what you practiced with other sources so you can round out your understanding!
Sparsh
May 14, 2022
This course covers many topics that are not out there / are not available easily so I loved this course.
Geoff
May 1, 2022
Good content but spends a little too much time "dumbing things down". I would expect that most users who are looking at Ghidra would know how to make a VM etc.
Tom
April 3, 2022
Really good pace, explains everything thoroughly so nothing is left open to interpretation. Actually learned new skills (and how to apply these with new tools) thanks to this course.
Daniel
February 12, 2022
Good introductory course, the teacher is an expert on the subject but perhaps everything has been too compressed. Good course to land on Ghidra.
James
January 31, 2022
All in all I enjoyed the course. I was not 100% new to Reverse Engineering so I was able to follow along very well. Paul, it might be helpful to mention in your intro that this course is not necessarily for those who are completely new to RE but specifically for those new to testing out Ghidra. I noticed you have a number of other courses in which other tools are used so newer students might benefit from studying those at first if you go into greater detail.
Robert
January 29, 2022
Pretty darn good course. Instructor took the time to walk through installation on Linux & Windows then provided great lessons and explanation on how to use Ghidra to solve crack me challenges. This was great as the student was able to follow along and discover good techniques to use in the future. I tried a few other crack me challenges after the course and confirmed the methodology taught here works beyond the lab environment. Course is put together in a logical flow, allows full comprehension of why things are done and is paced well enough to allow smooth learning without the bog down in overly long lessons. I do recommend this course to others and look forward to more from the instructor!
Elias
November 11, 2021
Not enough about the details - for example, why do we select certain options when creating initial analysis on Ghidra? Why does it matter platform to platform - how do we know which ones to select in the future? That being said, I was happy with the course contents.
Noah
September 11, 2021
Overall a really great course. I think this course is great for teaching you the tool but not the best if you are interested in learning the theory.
David
July 22, 2021
Great course. Can be a little redundant at points, but that might be necessary for absolute beginners and if you already have the experience you can just skip on forward.
Sailslack
June 19, 2021
Great way to approach reverse engineering. All was very well explained. Looking forward to going deeper...
Val
May 5, 2021
Intro video was mostly clips overlaid with classical music. The next part on how to use VirtualBox and download and install Kali is not really relevant.


Coupons

Date         Discount    Status
4/22/2021    75% OFF     expired
5/4/2021     100% OFF    expired
12/4/2021    75% OFF     expired
1/6/2022     75% OFF     expired
4/18/2022    75% OFF     expired

Udemy ID: 3890548
Course created date: 3/4/2021
Course indexed date: 4/1/2021
Course submitted by: Bot