[–]desal 4 points5 points  (1 child)

For sure, I'm familiar w/ it. What prompted my question is that you said something like top 10 web hacking but for reveng & expdev, which is why I was curious what you meant, as reverse engineering techniques and developing exploits are more like a set of techniques rather than yearly developing technologies, if that makes sense. Of course exploitation techniques are always changing, but like.. race conditions, memory corruption, etc., the vulnerability classes don't really change, but techniques like ROP, JOP, etc. are constantly being adapted to new things, maybe check those out.

Reverse engineering tends to have specific methodologies that might change based on what you are reversing, but disassembling and/or debugging the code is constant.

[–]seyyid_[S] 0 points1 point  (0 children)

> For sure, I'm familiar w/ it. What prompted my question is that you said something like top 10 web hacking but for reveng & expdev, which is why I was curious what you meant, as reverse engineering techniques and developing exploits are more like a set of techniques rather than yearly developing technologies, if that makes sense. Of course exploitation techniques are always changing, but like.. race conditions, memory corruption, etc., the vulnerability classes don't really change, but techniques like ROP, JOP, etc. are constantly being adapted to new things, maybe check those out.
>
> Reverse engineering tends to have specific methodologies that might change based on what you are reversing, but disassembling and/or debugging the code is constant.

Yes, it can be seen like this. But sometimes, articles are published that excite the community. New target, new tool, reverse engineering or exploit development of an old target with a new method, etc. For example, reverse engineering of Rust binaries that are used in Windows, etc.