Reddit mentions of The IDA Pro Book, 2nd Edition: The Unofficial Guide to the World's Most Popular Disassembler

For reverse engineering:

1. http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?s=books&ie=UTF8&qid=1450459302&sr=1-1&keywords=reverse+engineering
   
   
2. http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817/ref=sr_1_2?s=books&ie=UTF8&qid=1450459302&sr=1-2&keywords=reverse+engineering
   
   
3. http://www.amazon.com/IDA-Pro-Book-Unofficial-Disassembler/dp/1593272898/ref=sr_1_7?s=books&ie=UTF8&qid=1450459302&sr=1-7&keywords=reverse+engineering
   
   For malware analysis and malware techniques
   
   
4. http://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_10?s=books&ie=UTF8&qid=1450459302&sr=1-10&keywords=reverse+engineering
   
   
5. http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=sr_1_2?s=books&ie=UTF8&qid=1450459367&sr=1-2&keywords=malware+analysis
   
   
6. http://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/ref=sr_1_5?s=books&ie=UTF8&qid=1450459367&sr=1-5&keywords=malware+analysis
   
   For programming
   
   
7. Complete Reference C and Complete Reference C++
   
8. NASM Manual
   
   
9. Intel Software Developer Manual (http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html)
   
   This should be enough for you to get started.

Hey /u/Xerack! I'm the original author of the post linked here.

Appreciate the feedback! If you think I could clarify anything better, please let me know.

As far as resources for Reverse Engineering, I can provide you with a baseline that I would recommend starting with.

x86 Assembly:


If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.


A few good books would be:

• Hacking: The Art of Exploitation I am a huge advocate for this book. I learned a lot from this and have read it multiple times. It is written very well and teaches someone with no experience how to do C programming and assembly. This is mainly a book for learning exploitation/vulnerability research, but that can play hand and hand with Reverse Engineering. It will show you the assembly language break down of basic exploits and this can help you with RE.
  
  
• Practical Reverse Engineering I read through the beginning of this book and it gave me some good foundations of understanding memory and computer architecture for RE along with assembly of course
  
  
• Secrets of Reverse Engineering This book is a bit in depth, but the beginning gives another good foundation for Comp Architecture and assembly stuff.
  
  
• The IDA Pro Book Haven't personally read this book yet, but I have been told it is the defacto standard for learning IDA Pro, and it has examples you can learn from.
  
  Hands On:
  
  
  
• Legend of Random Very useful hands on with tutorials. Mainly based on cracking, but that requires reverse engineering. Highly recommend this!
  
  
• Lenas Tutorials Again, another awesome hands on tutorial, mostly based on cracking as well.
  
  
• Crackmes These are more of challenges once you start to have a little understanding down
  
  Courses:
  
  Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
  
  
  
• Basic Dynamic Analysis
  
• Real World Decompilation There are a few videos to this series and he disassembles a game, definitely nice to learn from.
  
  
  Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.

Yea, I actually recommended one in the post above. Here's a direct link though

I'm recommending this only because it's the one book on the topic that I've read and it was really good. There's others too, like this one, but I haven't read them so I can't comment.

Any book about reverse engineering can only teach you the most basic things. But it teaches you enough that once you're on your own, you aren't lost. If you want to develop the skills further, just start disassembling OS functions and figuring out how they work.

Another book that's tangentially related is this one. It isn't about reverse engineering specifically, but rather about debugging (usually without source code), which is obviously a critical skill.

Learn to write simple C programs. Then debug your own C programs, preferably in OS X or Linux using gcc/gdb. Then disassemble your own C code (learn how to disable optimization in the compiler; try it with no optimizaiton and then with increasing levels). Then look at C++ and (gasp) Visual BASIC and such. Turns out a ton of malware is written in these languages, and the snarl of garbage that you'll uncover that is just part of the auto-generated message handling stuff for VB will astound you, so don't start there...but it's important to understand those structures when you see them.

Then follow tutorials about reversing other programs. There are great books on this.

It helps a lot to know assembly language, but you'll tend to pick it up as you go.

You'll want better tools than just command-line disassemblers. I prefer IDA Pro.

There's a great book that uses IDA Pro with many examples to address precisely your questions.

Here's another great book on malware analysis that covers all kinds of tricks you might bump into when working on real targets.

I see all this as a long-term iterative exercise. It's fascinating.

Some resources which will indirectly help you for GREM

https://amzn.com/1593272901

https://amzn.com/1118787315

https://amzn.com/1593272898

chrome runs at user app level. it's not running in kernal space with rootkit-like functionality.


Google going out of there way to try and illegally spy on you is crazy. simply because any interested party can go and grab a copy of IDA pro and slap it onto chrome right now and do live disassemble the code base as it's running. Watch the stack calls, view library calls, and view network traffic.

But if the overly paranode type. Then go an investigate for yourself you have access to the tools and the books to self-learn the skills need to do so. Here a good jumping off point


http://out7.hex-rays.com/demo/request < request a trail evulation of ida pro

read this
https://www.amazon.ca/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817

this
https://www.amazon.ca/IDA-Pro-Book-Unofficial-Disassembler/dp/1593272898

and finally this
https://www.apress.com/gp/book/9781484200650

In case you're talking about reverse engineering, malware analysis etc.:

• http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898
  
• http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
  
• http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
  
• http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817
  
• http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441

There are a ton of different things you can do on the defensive side. The path here is a bit less defined because you can specialize in each of these areas with out ever really touching the other ones. But I think these are the most important skills as a defender, so I’ll break it up into three smaller chunks. For the most part, defender/Blue-team concepts draw from these skills, I’ve setup the courses in order, as some of these skills may feed into other areas.


IR:

• Computer Forensics and IR - This is the hole grail of IR. Written by the best in the business, a great start to the world of IR and Forensics
  
  
• Network Analysis. SOC-based 1-day course (Includes slides and labs)
  
  
• Hacking Techniques and Intrusion Detection - 5-6 day course
  
  
• PCAP analysis and Network Hunting - 2 day course
  
  
• Blue Team Field Manual
  
  
  Forensics:
  
  
• Network Forensics - 2 day course
  
  
• File System Forensics
  
  
• Windows 8 Forensics
  
  
• Registry Forensics
  
  
• Memory Forensics
  
  
• 13 Cubed Youtube Series
  
  
• Advanced Network Forensics - SANS ( meaning If you can get someone else to pay for it, SANS courses are expensive)
  
  
• Overall Cheatsheet/Forensics knowledge dump
  
  
• Now, you’re ready for the CHFI Certification
  
  Reverse Engineering (Dynamic and Static):
  
  
• Practical Malware Analysis
  
  
• Malware Unicorn (Awesome RE, has an awesome blog and some good intro training)
  
  
• Malware Analyst’s cookbook
  
  
• IDA Pro Book
  
  
• Intro to Reverse Engineering - 2 day course
  
  
• Malware Dynamic Analysis - 3 day course
  
  
• SANS*** GREM Certification
  
  I know there’s not a lot of certs here, and unfortunately, that’s how it is across the blue team. Certs here are usually very vendor-specific, and not applicable to defense as a whole. Those certifications exist, but I’m not listing them here.
  
  If people are interested, I can also do a similar write-up on Mobile Forensics and Cloud Forensics (which is my direct background).
  
  Lastly, here are some of my favorite news sources across the InfoSec community -
  
  News Sources
  
  
• Ars Technica
  
  
• InfoSecurity Magazine
  
  
• Security Weekly
  
  
• Iron Geek
  
  
• Krebs on Security
  
  
• reddit.com/r/netsec
  
  
• reddit.com/r/netsecstudents
  
  
• reddit.com/r/asknetsec
  
  
• reddit.com/r/computerforensics

This is a good book. You will obviously need to have some understanding of assembly language for whatever platform you are interested in targeting (I am guessing x86?)

My recommendations then for self study:

• http://www.amazon.com/The-Rootkit-Arsenal-Evasion-Corners/dp/144962636Xl
  
  
• http://www.amazon.com/Windows-Forensic-Analysis-Toolkit-Edition/dp/0124171575
  
  
• http://www.amazon.com/Windows-Registry-Forensics-Advanced-Forensic/dp/1597495808
  
  
• http://www.amazon.com/Malware-Rootkits-Botnets-Beginners-McGraw/dp/0071792066
  
  
• http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
  
  
• http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
  
  
• http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
  
  
• http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898
  
  
• http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033
  
  Read all those and you will be in good shape ;)
  EDIT: I hate trying to get reddit to do what I want.

He wrote a book as well, highly recommended: http://smile.amazon.com/dp/1593272898 - one of the only definitive sources for IDA Pro information that isn't scattered about all over the Intardnets.