Reverse engineering enhances the understanding of both programming thought and skills. This video is easy to follow, and the main techniques of reverse engineering are shown clearly, which makes me want to decompile a small interesting program to analyze it.
read the book Code by Charles Petzold. You will understand how the CPU and assembler works even if you are a total noob. After that you will automatically understand how programming languages work, reverse engineering too and so on.
Wow that was probably one of the best descriptive reverse engineering videos I've seen to date. Your method of explaining and showcasing each step in each function is fantastic and even explaining how to identify when disassemblers/decompilers mess up and how to fix them. Bravo. I'm upset that I waited this long to actually start watching these videos.
I prefer ollydbg 2.01 or x64dbg for 64 bit, ghidra makes really easy the reverse process, can get a source code... I prefer analyze asm instructions one by one for understand fully process but this isn't the best stategy.. one by one can take you a lot of time i use call stack window for locate specific part i want to analyze!
Just gotta learn GDB, Radare, OllyDBG for Windows, and assembly. And even then the assembly is the part that while takes the longest isn't too bad once you get used to it.
I am currently doing my bachelor in Computer Science and didn't know this reverse engineering even existed! Very cool and very nicely explained. Showing the keyboard output is also a nice addition of you! Thanks :)
starshipeleven presumably you download the sample from within the VM, then disable the Ethernet adapter that gives the VM Internet access to prevent worms from going through the connection.
Just something that scares me : They are easy accessible websites to download loads of virus to try antivirus and understanding how they work ? I hope they tell the user several warnings before sending the file
Very interesting and complete video, first time I watch a reversing engineering video and I love the way you investigate and explain what you do. It's the first video of your channel I see and I love it. Keep going !
That was very insightful! I'm a software developer/architect for 17 years now and I must say that you have a very nice way to tell details and to guide your audience. thank you very much! for the follow up video I would like to see the "physical" impact of the malware, like show the registry-key or the installation folder to make it more understandable for non-developers.
I have a few questions. I've done vb coding for years, but more as a supplement to my other work loads, I'm not a full blown dev. First, what was so hard about spotting the kill switch? There must have been a lot of the best devs looking at this code globally for 4 days, the guy who killed it even did that on accident. Secondly, and I'm not advocating for better viruses, but would a kill switch that the owner had exclusive controle over not be possible? They went to great lengths coding this but left the kill switch free for anyone to use.
first time i watched this about 2 year ago and i was a simple java programer now i am a c/c++ programming working at a hardware developing company and i just watched this again that was awesome , i finally understood what was u talking about , i am always checking u tube for part 2 please upload it i am tried :)
I don't really know what's going on because Im noob but these videos are cool, this is the best and practical approach I've seen I think, loving it and subbed immadietely, good commentary, step by step. Waiting for more.
I came across your channel shortly after downloading Ghidra. I appreciate how you clearly detail your train of thought in each video. I hope to see more!
Reading the WannaCry warning, the creaters were real lads, providing multiple languages, information about BitCoin and a contact method. They just sound incredibly kind.
Kind, maybe not, but they were reasonable. Do as we ask and we promise all will be well. And see we have written in clear language what we want you to understand. Give us the money and have a nice day 😊
@@kahlzun Investigations show that this was most likely an attack by the North-Korean Government-Controlled Lazarus hacking group to fund nuclear programs and Fatass Jong Un's Sanction-Bypassing Goldschlager run. Eh, probably not Goldschlager. The fatass is probably going for something more expensive.
Really well done video. I think you should keep this series in this format. Personally I like the pacing of the video, and wouldn't want it slower, or faster.
Nice tutorials man! Maybe some basics for reverse engineering video's in Ghidra would be great as well! Like explaining how the system works and what each action truly means :). But it's great :) Can't wait for the next one.
Interesting and good video. Reverse engineering and programming isn't really my thing and a lot of it is going over my head. But it's an interesting and informative video none the less. Waiting to see part 2!
Amazing video, very good to follow and it helped me a lot with some frustrating 'features' in Ghidra. I found I was using the disassembler window more than the decompilation window because of weird decompilation results - you helped me understand getting better decompilation results by adjusting Ghidra's interpretation of some code. Thanks!
@@stacksmashing greaat tut, can please explain if possible im chrome devtools save the changes i make in offline? i want change a pwa web worker app that works online and offline but the changes i made nolt save when i restart the app, exist any trick to save?if i not save i only get the cache of pwa app and not possible open and edit i think, thanks
I honestly didn't understand a single thing but I still appreciate the video, so thanks for sharing this. I wonder who was behind the attack. It pisses me off there was nothing I could do to help when it happened to my relatives.
@@fatfr0g570 they formally asserted its origin as North Korea, the only 2 instruction pages not machine translated were english and chinese. more interestingly, the developers computers had Korean font families installed and build stamps indicated their timezone.
Very good video. Thanks for this video. That flowchart was helpful too. I have never seen reverse engineering in practice, this was very interesting. Very similar to debugging programs only here we don't have symbol information and have to create our own symbols, but it seems this Ghidhra tool makes things a lot convenient. Whoever wrote this malware must have very good knowledge of Windows API, maybe even about Windows kernel.
I thought it was a long time before the kill switch was actually discovered, but it seems here that you uncovered the url 5 mins into the video. Is it really that easy or is it much harder than it looks?
Si entendiera inglés y lo que haces me encantaría seguir lo que haces. Mis ojos se quedaron atrapados cuando vi este video al parecer lo había visto antes y no comenté. .Mis respetos hombre.
@@Slenderman63323 Nahh, things are constantly changing which keeps it interesting. Unless you dont know what youre doing or looking at then yeah, I could see it getting "old fast"
Would love to see a tutorial on TP-Link router firmware RE or firmware with similar architecture, reverse engineering and rebuild of the firmware. Love your videos so far.
Wow... as difficult as all this sounds, I'm a new security enthusiast, so I'm still learning. I was able to understand and somewhat follow what you were doing. kudus.
I am looking forward to the next video. (Should you encrypt the copy of Wannacry on your website using the AES key in your previous video? That would protect script kiddies from themselves and create a nice easter egg/crackme challenge?)
This is very interessting! Can't wait for part 2. Have discovered these malwares before, but fortunately it was on a computer with no important stuff on it. One question, are you really using mac osx or is this linux with mac os x skin ??
This is super interesting, however there were some parts that I did not know what you were talking about - mainly the parts where you talk about the code itself, around 3 minutes. I have a focus on network and security, but my coding is very limited (python only, intermediate level). What do you recommend to learn/get familiar with for reverse engineering or to look at code and understand it?
Yea, so my recommendation is to get really familiar with C - especially pointer arithmetic etc. From there you have a good understanding on how memory etc works and can go into assembler itself much easier :)
A lot of Assembler can be attributed to C, especially the memory parts. Learn about C and then you will, at once, understand the memset functions and more
Reminds me when I reverse engineered a program that communicated with certain peripherals to try to understand how that obscure peripheral worked. No information online except for the program itself at hand.
that URL is actually the domain that Marcus Hutchins registered to stop WannaCry from spreading. Each time the ransomware worm spreads over a network, the virus pings that address. If the address is pinged and online, it will no longer spread.
I was flying by the seat of my pants for most of this video, but I had JUST enough experience with C/C++ from college to follow MOST of what's going on? Good thing there are better geeks than me that were on top of this thing before it could do... more damage than it did... and props to the guy that accidentally found the kill switch :-)
The video is excellent, I understood most of it with some rudimentary background in programming. I would suggest that after you finish uploading all the videos running through the code, that you upload a 5-10 minute video with just a recap of what you learned and maybe a description of the overall workflow and your thoughts. I think that one would be a lot better for the rest of the 95% of watchers.
hey, thanks dude! Probably speeding up the video was a good idea. I wish I could speed up Ghidra itself in a live session. I tried to open Microsoft's comctl32.dll in it and it took forever, and made it very sluggish afterwards. Quick question -- how do you load symbols from the Microsoft server into it? (Like we used to do with windbg.)
Imma be honest im just a python programmer with a little bit of experencine in rust. So even thouh i had a very vauge idea of what you were doing and having a somewhat good understanding of reverse engineering i still enjoyed it and kind of put it on as just some white noise in to do some linux stuff. Nice video!
It's a great one for sure, but does not yet have a debugger (though supposedly it'll be released soon). There are lots of tools: - Radare2 (and Cutter as its UI) - opensource & free - Retdec decompiler - opensource & free - IDA Pro + Hex-Rays decompiler (Expensive, a free version is available of IDA though) - de-facto industry standard etc :) I am very impressed with Ghidra for non x86/x64 stuff, so I like it so far! But as you can see in this video, the decompiler really isn't the best for x86/Windows
Reverse engineering enhances the understanding of both programming thought and skills. This video is easy to follow, and the main techniques of reverse engineering are shown clearly, which makes me want to decompile a small interesting program to analyze it.
安笑生 yeah we can learn programming from reverse engineering stuffs
你好同志
lol
@@wanderingpalace 安笑生
@@wanderingpalace i love xi jinping's huge cawk
@@wanderingpalace no you absolutely can't
"Microsoft security center (2.0) sevice" LMAO
I'm a vegetable that doesn't understand anything but this was an interesting video
@@ayylmaoglow
takes one to know one! unless you're a reptilian
read the book Code by Charles Petzold. You will understand how the CPU and assembler works even if you are a total noob. After that you will automatically understand how programming languages work, reverse engineering too and so on.
@Rajath Pai trust me. Petzold is a guru
@@ThisDaveAndThatJohn code by charles petzold?
Ok BOOMER
Wow that was probably one of the best descriptive reverse engineering videos I've seen to date. Your method of explaining and showcasing each step in each function is fantastic and even explaining how to identify when disassemblers/decompilers mess up and how to fix them.
Bravo. I'm upset that I waited this long to actually start watching these videos.
Fully agree, amazing video! Simple step by step explanation is excellent!
I didn't understand anything of what you did, but the casualness of explaining something so exoticly complicated drew me in.
Looks like Ghidra is a very good renaming tool!
I prefer ollydbg 2.01 or x64dbg for 64 bit, ghidra makes really easy the reverse process, can get a source code... I prefer analyze asm instructions one by one for understand fully process but this isn't the best stategy.. one by one can take you a lot of time i use call stack window for locate specific part i want to analyze!
@@vladysmaximov6156 keep us posted mate
@@vladysmaximov6156 weird flex but ok
@@vladysmaximov6156 I tried out ghidra and improved my performance like 10 times (mainly due to being shit in reading asm fast).
@@vladysmaximov6156 You absolute pleb. Version 1.10 or GTFO.
You know too many things. You explain it too casually like it's food lmao.
This guy be like:
Ok, let me present you my house.
hijacking this to say WE NEED PART 2
Inserts his too powerful(smart) to be kept alive meme*
looks pretty standard to me
Plot twist: he is the hacker who made wanna cry
marv b first 20 minutes is really basic stuff. Its just general reversing and assigning names
Ghidra ninja:The function is very simple
Me:
Love this! Please create a series of Reverse Engineering Basics!
Yes
Just gotta learn GDB, Radare, OllyDBG for Windows, and assembly. And even then the assembly is the part that while takes the longest isn't too bad once you get used to it.
Oh and IDA / Binary Ninja are good too.
I understood everything except for the renaming parts. Meaning i did not understand a thing. Cool vid tho, you've earned a sub!
This was SUPER interesting and well made, please continue! You left us on a cliffhanger!
I am currently doing my bachelor in Computer Science and didn't know this reverse engineering even existed!
Very cool and very nicely explained. Showing the keyboard output is also a nice addition of you! Thanks :)
RubenCO what language is this in?
@@elijahburnham7882 The left side of Ghidra is x86 Assembly and the right side is C.
@@Slenderman63323you need low level knowledge to be able to do stuff like this since the c code that is outputed is very low level
everyone: try not downloading files from entrusted places!!!
Ghidra: let's unpack the malware !
@starshipeleven He could use a VM.
What is an entrusted place?
starshipeleven presumably you download the sample from within the VM, then disable the Ethernet adapter that gives the VM Internet access to prevent worms from going through the connection.
starshipeleven forgot about that option, thanks for reminding me.
Just something that scares me :
They are easy accessible websites to download loads of virus to try antivirus and understanding how they work ?
I hope they tell the user several warnings before sending the file
Very interesting and complete video, first time I watch a reversing engineering video and I love the way you investigate and explain what you do. It's the first video of your channel I see and I love it. Keep going !
WannaCry: exists
Ghidra: im about to end this mans whole carrer
what the H E C C is a carrer
@@xyphoes345 it's a carrer
@@glowingone1774 isnt it meant to be a *career* tho
@@xyphoes345 no this is much different.
but wannacry isnt a man
Just wow. Impressive job! I hope you are employed by one of the major tech/AV companies.
Ghidra: *does windows reverse engineering in iOS*
Windows: "Am I a joke to you?"
macOS*
@@rohitas2050 woops
more like Reclass: Am I a Joke to you ?
@@Elffi LOL
That was very insightful! I'm a software developer/architect for 17 years now and I must say that you have a very nice way to tell details and to guide your audience. thank you very much!
for the follow up video I would like to see the "physical" impact of the malware, like show the registry-key or the installation folder to make it more understandable for non-developers.
I have a few questions. I've done vb coding for years, but more as a supplement to my other work loads, I'm not a full blown dev.
First, what was so hard about spotting the kill switch? There must have been a lot of the best devs looking at this code globally for 4 days, the guy who killed it even did that on accident.
Secondly, and I'm not advocating for better viruses, but would a kill switch that the owner had exclusive controle over not be possible? They went to great lengths coding this but left the kill switch free for anyone to use.
I'm so happy that TH-cam recommended this video to me. Keep up the good work! Waiting for part 2..
Hopefully tomorrow :) life has been busy
first time i watched this about 2 year ago and i was a simple java programer
now i am a c/c++ programming working at a hardware developing company and i just watched this again
that was awesome , i finally understood what was u talking about , i am always checking u tube for part 2 please upload it i am tried :)
TH-cam algo has done it again. Could understand probably 1% of what was talked about, but it seemed very interesting. Subscribed!
I don't really know what's going on because Im noob but these videos are cool, this is the best and practical approach I've seen I think, loving it and subbed immadietely, good commentary, step by step. Waiting for more.
Subbed instantly.Cant wait for another episodes.
Abra, Kadabra, Alakazam,
You now possess a new subscriber,
Simsalabam.
I came across your channel shortly after downloading Ghidra. I appreciate how you clearly detail your train of thought in each video. I hope to see more!
Fantastic Video, I hope to see more both on wannacry and other things soon. As an embedded SW guy looking to get into RE this was great.
Reading the WannaCry warning, the creaters were real lads, providing multiple languages, information about BitCoin and a contact method.
They just sound incredibly kind.
tbh, i think they knew that they would affect millions of devices. humble people
Kind, maybe not, but they were reasonable. Do as we ask and we promise all will be well. And see we have written in clear language what we want you to understand. Give us the money and have a nice day 😊
professionals have *standards*
cant get money from someone who cant understand what they are reading
@@kahlzun Investigations show that this was most likely an attack by the North-Korean Government-Controlled Lazarus hacking group to fund nuclear programs and Fatass Jong Un's Sanction-Bypassing Goldschlager run. Eh, probably not Goldschlager. The fatass is probably going for something more expensive.
I am just happy that there are people out there who understand stuff like this! 😅
First time TH-cam recommended me something amazing. 😀
subbed, 22 minutes passed like a breeze
Hey, I love watching reverse engineering videos! Thank you for this one. I'm glad that the TH-cam recommendation bots have blessed you.
Ghidra looks like an EXCELLENT tool to manage an RE session. Top notch.
Really well done video. I think you should keep this series in this format. Personally I like the pacing of the video, and wouldn't want it slower, or faster.
Nice tutorials man! Maybe some basics for reverse engineering video's in Ghidra would be great as well! Like explaining how the system works and what each action truly means :). But it's great :) Can't wait for the next one.
Wow this is very impressive! Great job & keep going :)
I don't know shit about coding, but you've explained this in a very human-readable way and i appreciate that.
Interesting and good video. Reverse engineering and programming isn't really my thing and a lot of it is going over my head. But it's an interesting and informative video none the less. Waiting to see part 2!
Amazing video, very good to follow and it helped me a lot with some frustrating 'features' in Ghidra. I found I was using the disassembler window more than the decompilation window because of weird decompilation results - you helped me understand getting better decompilation results by adjusting Ghidra's interpretation of some code.
Thanks!
That's awesome to hear, thank you! Feel free to let me know what else you have trouble with, maybe it's something I can feature in the future
@@stacksmashing I'll be sure to comment it when I find more stuff, but seeing you work already solves a lot of problems!
@@stacksmashing greaat tut, can please explain if possible im chrome devtools save the changes i make in offline? i want change a pwa web worker app that works online and offline but the changes i made nolt save when i restart the app, exist any trick to save?if i not save i only get the cache of pwa app and not possible open and edit i think, thanks
Looks good want to see the following episode. Reverse engineering seems pretty fun.
I have no idea what's gong on here, but I'm straining to understand. Great video!
Man, I used to debug exe using ollydebug and you are taking it to another level 🤯
This was super interesting. Please continue with this series
I honestly didn't understand a single thing but I still appreciate the video, so thanks for sharing this.
I wonder who was behind the attack. It pisses me off there was nothing I could do to help when it happened to my relatives.
It might be finger pointing, but the US, UK, and Australia claimed that North Korea was behind the attack.
@@fatfr0g570 they formally asserted its origin as North Korea, the only 2 instruction pages not machine translated were english and chinese. more interestingly, the developers computers had Korean font families installed and build stamps indicated their timezone.
Very good video. Thanks for this video. That flowchart was helpful too. I have never seen reverse engineering in practice, this was very interesting. Very similar to debugging programs only here we don't have symbol information and have to create our own symbols, but it seems this Ghidhra tool makes things a lot convenient.
Whoever wrote this malware must have very good knowledge of Windows API, maybe even about Windows kernel.
Very informative and interesting video. Thanks for that amazing upload! I cannot wait to see its continuation.
I didn't understand single bit of information u said but I watched full video..and subscribed.. Thanks for making this video
Keep up the amazing work you do with your videos!
Dude!! This is an epic walkthrough of reverse engineering - SO INTERESTING!!
I used the GNU debugger to reverse engineer some stuff, but with more complex programs it gets harder, this seems make things more agile and clear
Might be just Ghidra making it seem too easy 😃
I thought it was a long time before the kill switch was actually discovered, but it seems here that you uncovered the url 5 mins into the video. Is it really that easy or is it much harder than it looks?
I’m trying to learn Ghidra and reverse engineering in general, and this and your other videos are so helpful.
Best video i ever seen on reverse engineering, keep it easy to understand! Thank you.
imagine doing this and accidentally running wannacry. i would actually scream
**laughs in multiple VMs running in Arch Linux**
i use arch btw
@@watema3381 no one cares
@@bigbythebigbadwolf aparently you do cause you replied!
also (incase you haven't noticed), it's an inside joke
@@watema3381 still no one cares
@@medo7dody ur prob crying behind ur screen: i dont care either but i gotta be an edgy loser so i can prove this guy wrong
Si entendiera inglés y lo que haces me encantaría seguir lo que haces. Mis ojos se quedaron atrapados cuando vi este video al parecer lo había visto antes y no comenté. .Mis respetos hombre.
Thanks man! Great content!! Definitely looking forward to more!!
All the best!!
you have finally cracked the 'WannaCry'' virus! I'm Impressed
I wouldn't mind doing that for a living. It seems like the sweet spot between meditative focus, puzzle solving, and education.
Trust me, it gets old fast.
@@Slenderman63323 Nahh, things are constantly changing which keeps it interesting. Unless you dont know what youre doing or looking at then yeah, I could see it getting "old fast"
Very nice video, thank you. I would definitely want to see more malware analysis with ghidra videos. :)
"This is part 1"
*months later*
6 days ago part 2 was released
i'm ignorant as a goat about this, but i find this voice quite relaxing and soothing
Thanks for your videos, great detail. I hope you carry on with this channel and it's content.
Your skills are unbelievable. Good job 👏🏼
Would love to see a tutorial on TP-Link router firmware RE or firmware with similar architecture, reverse engineering and rebuild of the firmware. Love your videos so far.
So fast and accurate like a real ninja 😂, nice video , I didn't have to use speed 2 , like I usually do 😂
Wow... as difficult as all this sounds, I'm a new security enthusiast, so I'm still learning. I was able to understand and somewhat follow what you were doing. kudus.
I am looking forward to the next video. (Should you encrypt the copy of Wannacry on your website using the AES key in your previous video? That would protect script kiddies from themselves and create a nice easter egg/crackme challenge?)
Thanks for the great work! Can't wait for a part 2
Again your videos are insanely good !!! Love it !
i wonder if wannacry author watched it :D
Nsa? Of course
@@jayzah It was made by North Korean cybercrime organization codenamed 'Lazarus'
It probally have more than 1 author
Parents: Install obvious virus that slows down the computer.
Parents: It must be that Steam thing.
Impressed by your work. Keep it up! :D
So the killswitch-URL in question was stored in plaintext in the program?
Why wasnt it encrypted?
Because not many people is an expert at coding.
@@Trimint123 but the creator of wannacry is dipshit
you make me realise how little I know about anything. Great video
Well, I dont really understand well but Im here to understand it better, thanks for the video!
Edit: i actually managed to understand a part of it
Wow, I learnt so much about decompilation in this video! Thanks, keep it up!
Imagine how difficult this would have been if they had obfuscated their binary, adding thousands of false paths that don’t actually lead anywhere
This is very interessting! Can't wait for part 2. Have discovered these malwares before, but fortunately it was on a computer with no important stuff on it. One question, are you really using mac osx or is this linux with mac os x skin ??
Nope this is macOS
it's macOS 2: electric boogaloo (system-wide dark theme included)
get your copy today and save 50% off the normal cost!
Great video! Looking forward to more of your videos on Ghidra reverse engineering!
i don't know much about what you are doing but you earn a new subscriber here
i dont know what you are saying but i think this is very great
Highly informative! Clearly explained, only understood about half of it but subscribed!!!
This is super interesting, however there were some parts that I did not know what you were talking about - mainly the parts where you talk about the code itself, around 3 minutes. I have a focus on network and security, but my coding is very limited (python only, intermediate level). What do you recommend to learn/get familiar with for reverse engineering or to look at code and understand it?
Yea, so my recommendation is to get really familiar with C - especially pointer arithmetic etc. From there you have a good understanding on how memory etc works and can go into assembler itself much easier :)
A lot of Assembler can be attributed to C, especially the memory parts. Learn about C and then you will, at once, understand the memset functions and more
Reminds me when I reverse engineered a program that communicated with certain peripherals to try to understand how that obscure peripheral worked. No information online except for the program itself at hand.
Awesome video looking fwd to part 2
I didn't understand anything, but I would have loved to cause it seems like a very useful skill to have and props to you for being so good at it!
Great video! Thank you! When will part 2 be released?
Verstehe erst noch Bahnhof, aber ist ein interessanter Kanal. Weiter so!
that URL is actually the domain that Marcus Hutchins registered to stop WannaCry from spreading. Each time the ransomware worm spreads over a network, the virus pings that address. If the address is pinged and online, it will no longer spread.
I was flying by the seat of my pants for most of this video, but I had JUST enough experience with C/C++ from college to follow MOST of what's going on?
Good thing there are better geeks than me that were on top of this thing before it could do... more damage than it did... and props to the guy that accidentally found the kill switch :-)
I dont know C or C++ or whatever is on the right, but at least i understand whats going on in the assembly code
This is some quality work! Congrats...
The video is excellent, I understood most of it with some rudimentary background in programming. I would suggest that after you finish uploading all the videos running through the code, that you upload a 5-10 minute video with just a recap of what you learned and maybe a description of the overall workflow and your thoughts. I think that one would be a lot better for the rest of the 95% of watchers.
hey, thanks dude! Probably speeding up the video was a good idea. I wish I could speed up Ghidra itself in a live session. I tried to open Microsoft's comctl32.dll in it and it took forever, and made it very sluggish afterwards.
Quick question -- how do you load symbols from the Microsoft server into it? (Like we used to do with windbg.)
Keep doing this. Show the world sth more about WannaCry.
Imma be honest im just a python programmer with a little bit of experencine in rust. So even thouh i had a very vauge idea of what you were doing and having a somewhat good understanding of reverse engineering i still enjoyed it and kind of put it on as just some white noise in to do some linux stuff. Nice video!
Thank you. Really enjoy and learn much from your videos.
Does Ghidra is best in reverse engineering or do you advise another tool/program?
It's a great one for sure, but does not yet have a debugger (though supposedly it'll be released soon).
There are lots of tools:
- Radare2 (and Cutter as its UI) - opensource & free
- Retdec decompiler - opensource & free
- IDA Pro + Hex-Rays decompiler (Expensive, a free version is available of IDA though) - de-facto industry standard
etc :)
I am very impressed with Ghidra for non x86/x64 stuff, so I like it so far! But as you can see in this video, the decompiler really isn't the best for x86/Windows
congrat for the 1M !!! btw i do not understand a thing about the vid
Great video. Waiting for the next part
I almost fell asleep watching this video just because of this guy's beautiful asmr voice
The part that got me was that Marcus created something to detect it but not with the intention to kill it.