# 0xz0f/z0fcourse_reverseengineering

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/0xz0f-z0fcourse-reverseengineering).**

5,852 stars · 584 forks · C++ · AGPL-3.0

## Links

- GitHub: https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
- awesome-repositories: https://awesome-repositories.com/repository/0xz0f-z0fcourse-reverseengineering.md

## Description

This project is a structured course and instructional guide focused on x64 Windows reverse engineering. It provides a curriculum for analyzing and decompiling Windows binaries through the study of assembly language and operating system internals.

The material covers Windows binary analysis and malware analysis, with a specific focus on interpreting x64 machine code to recover original program logic. It guides the user through the process of tracing program behavior and logging function calls to understand how binaries operate.

The technical scope includes assembly-level decompilation, debugger-driven state inspection, and dynamic call tracing. It also covers instruction-based analysis, Windows API hooking, and x64 register mapping to monitor how software interacts with the system.

## Tags

### Operating Systems & Systems Programming

- [Reverse Engineering Tools](https://awesome-repositories.com/f/operating-systems-systems-programming/binary-analysis-capabilities/reverse-engineering-tools.md) — Offers a structured curriculum for analyzing and decompiling binaries through assembly and OS internals. ([source](https://github.com/0xz0f/z0fcourse_reverseengineering#readme))
- [Behavioral Tracing](https://awesome-repositories.com/f/operating-systems-systems-programming/behavioral-tracing.md) — Provides techniques for logging function calls and execution paths to observe program interaction with the system.
- [Binary Decompilation](https://awesome-repositories.com/f/operating-systems-systems-programming/binary-decompilation.md) — Provides instructional material on translating x64 machine code into human-readable logic to reconstruct compiled programs.
- [Binary Execution Analysis](https://awesome-repositories.com/f/operating-systems-systems-programming/binary-execution-analysis.md) — Instructs on logging function calls and tracing program behavior to understand binary operations. ([source](https://github.com/0xz0f/z0fcourse_reverseengineering#readme))
- [Instruction Analysis Tools](https://awesome-repositories.com/f/operating-systems-systems-programming/instruction-analysis-tools.md) — Breaks down binary execution into assembly instruction sequences to map the program's logical flow.
- [x64 Assembly Analysis](https://awesome-repositories.com/f/operating-systems-systems-programming/x64-assembly-analysis.md) — Provides a guide to studying low-level x64 machine code to recover program logic from binaries.
- [Windows System Hooks](https://awesome-repositories.com/f/operating-systems-systems-programming/windows-system-hooks.md) — Covers the interception of system calls between binaries and the Windows OS to monitor activity.

### Part of an Awesome List

- [Reverse Engineering Courses](https://awesome-repositories.com/f/awesome-lists/learning/reverse-engineering-courses.md) — Provides a structured curriculum for analyzing and decompiling Windows binaries by studying assembly and OS internals.

### Development Tools & Productivity

- [Binary Analysis](https://awesome-repositories.com/f/development-tools-productivity/binary-debuggers/windows-x64-debuggers/binary-analysis.md) — Teaches how to analyze x64 executable files specifically for the Windows operating system.

### System Administration & Monitoring

- [Dynamic System Tracing](https://awesome-repositories.com/f/system-administration-monitoring/dynamic-system-tracing.md) — Guides users in logging function entry and exit points during runtime to identify active code paths.
- [Execution State Debuggers](https://awesome-repositories.com/f/system-administration-monitoring/execution-state-debuggers.md) — Teaches how to use debuggers to pause execution and inspect memory heaps and stack frames.

### Education & Learning Resources

- [Binary Analysis Tutorials](https://awesome-repositories.com/f/education-learning-resources/binary-analysis-tutorials.md) — Ships instructional material on tracing program behavior and logging function calls in x64 binaries.
- [Windows Assembly Guides](https://awesome-repositories.com/f/education-learning-resources/windows-assembly-guides.md) — Provides a guide to interpreting x64 machine code and reverse engineering software for Windows.

### Security & Cryptography

- [Malware Analysis](https://awesome-repositories.com/f/security-cryptography/malware-analysis.md) — Applies reverse engineering techniques to investigate malicious software and its impact on Windows hosts.

### Software Engineering & Architecture

- [Call Convention Analysis](https://awesome-repositories.com/f/software-engineering-architecture/state-management/hardware-register-state-managers/call-convention-analysis.md) — Explains how to track x64 hardware registers to understand data passing in a 64-bit environment.
