Beginner Reverse Engineering | Part 1: How To Find The Application Entrypoint (Main)

A walkthrough of how to get from the entry point to the main function when reverse engineering a Windows application in IDA 7.0 Freeware, and an introduction to debug symbols.

Comments
Author

Working on more content! Let me know what else you'd like to see me do a video on.

MalwareTechBlog
Author

Holy crap. I started reverse engineering about two years earlier, and I've devised so many tips and tricks and startup code pattern recognition to identify the main function over the years, but that tiny insight that the return value is actually used by the OS itself (so would have to be returned by the startup code too) is single-handedly the best tip I've ever heard to pinpoint main! Game changing!

EvilSapphireR
Author

This video helped me reverse an exe for htb.
After a damn year of nothing clicking, this one damn video tied everything together.
Thank you!

Jambion
Author

The first time I opened my own simple Hello World program written in C, and saw how much extra boilerplate code is added to my program for the EXE to run, I was very much blown away, and now I realize that so much of what you see in IDA is often a lot of benign machine code that doesn't do anything bad at all, knowing how to identify it probably only comes from experience.

Cools
Author

I got to know about you after reading the Wired article some months ago. I am so excited to find your YouTube channel. Am binge watching and following along :P Thanks a lot for doing this !!!!

atibhiagrawal
Author

Thanks, great intro!
I would love a series where you reverse progressively more complicated programs up to real life malware examples.

tuppes
Author

I would really appreciate some videos on debuggers and dynamic analysis in general... like x64dbg, radare2 or even gdb

seiv-
Author

this is really interesting even for a non cybersecurity person who is just casually programming sometimes

edit: i would love to see more of this technical stuff... i feel like i could learn a lot from you

Lebensgott
Author

I love your beginners videos so far <3
even for people who already have degrees in the field this is actually amazing

yeetyeet
Author

Good one.. Please add walkthrough video on unpacking a malware.. The way you run through the concept is awesome

samjohn
Author

This is gold, we need more RE tutorials and maybe even a x86 ASM course haha, honestly would pay for a course for malware analysis if you made one

Dulge
Author

Thank you so much for the beginner series man. Appreciate it.

SangharshSeth
Author

Great video Marcus! So few people are on your level and your content is vital to help change that. Keep it up!

matthewlandry
Author

I tried doing this a couple of days ago reversing a hello world program but got overwhelmed by all the assembly and the control flow charts :P thanks marcus ty for this

jiteshkanojia
Author

For some reason, when I follow the same procedure you did, IDA automatically shows the main function, not sure how... I did say no to symbols.

Also, gave you a sub. :)

CoreDreamStudios
Author

Thank you very much. Please keep teaching dear @Marcus

johnsnow
Author

Great video just like the last, love this kind of content on your level! As for more videos in the future just keep reversing harder and harder stuff then maybe even do more specific series of stuff after more general ones, like only ELF files, or only EXE, or use Ghidra instead of Ida or even R2

Novastuffnow
Author

Marcus, this was so sick, thank you. I realized with the free IDA it doesn't look like you can show all of the function graph items at once? But once I started clicking through the different functions I was able to find the entry point as you described. Would love more of these beginner tuts. Question, how much better is IDA than Ghidra in your opinion?

xazauhitra
Author

Zoom the code a little bit. Also, can you do a vid on how you set up this environment for beginners? So we can follow along! Thanks

zuberkariye
Author

I would really appreciate some videos on how to be a researcher and malware analysis!

localcomputernerd