Contents

01 – KNOWING Ollydbg – INSTALLATION
02 – Number Systems – positive numbers – NEGATIVE – ASCII – THAT IS THE STACK
03 – RECORDS AND FLAGS
04 – ASSEMBLER INSTRUCTIONS – NOP, PUSH, POP, PUSHAD, POPAD, MOV, movsx, MOVZX, LEA, xchg,
05 – MATHEMATICS INSTRUCTIONS – INC, DEC, ADD, ADC, SUB, SBB, MUL, IMUL, DIV, IDIV, xadd, NEG
LOGIC INSTRUCTIONS – AND, XOR, OR, NOT –
06 – INSTRUCTIONS – COMPARISONS AND CONDITIONAL JUMPS
07 – INSTRUCTIONS – CALL AND RET
08 – INSTRUCTIONS FOR LOOPS OR CYCLES (LOOP)
09 – FIRST APPROACH TO CRACKING – crackme OF CRUEHEAD
10 – Breakpoints – COMMON BP, ON MEMORY
11 – Breakpoints – Breakpoints HARDWARE – BP CONDITIONAL
12 – Windows messages – BP STANDING IN WINDOWS MESSAGES
13 – REVERSING AND SERIAL PEZCANDO
14 – REVERSING AND SERIAL PEZCANDO – HARCODED SERIALS
15 – REVERSING AND SERIAL PEZCANDO – HARCODED SERIALS
16 – REVERSING AND SERIAL PEZCANDO – HARCODED SERIALS
17 – REVERSING AND SERIAL PEZCANDO – HARCODED SERIALS – LOOKING FOR SERIAL IN MEMORY (WHEN WE HAVE BUTTON CHECK)
18 – REVERSING AND SERIAL PEZCANDO – LOOKING FOR SERIAL IN MEMORY (WHEN WE HAVE BUTTON CHECK)
19 – PROTECTION ANTIDEBUGGER – how to avoid manually with plugins – api: IsDebuggerPresent –
20 – PROTECTION ANTIDEBUGGER – how to avoid manually with plugins – NAME OF PROCESS – api: EnumProcesses
21 – PROTECTION ANTIDEBUGGER – how to avoid manually with plugins – PROCESS BY NAME – by name or window class – api: CreateToolhelp32Snapshot, Process32First, Process32Next, FindWindowA
22 – PROTECTION ANTIDEBUGGER – how to avoid manually with plugins – apis: UnhandeldExceptionFilter – ZwQueryInformationProcess
23 – PROTECTION ANTIDEBUGGER – how to avoid manually with plugins – ProcessHeapFlag and NTGlobalFlag
24 – PROTECTION ANTIDEBUGGER – Solving the Antisocial Part 23
25 – EXCEPTIONS
26 – Crackeando VISUAL BASIC – NAGS
27 – Crackeando VISUAL BASIC – NAGS, METHOD 4C
28 – Crackeando VISUAL BASIC – GRAFT IN DLL (AMENDED)
29 – Crackeando VISUAL BASIC – P-CODE
30 – Crackeando VISUAL BASIC – Part 2 P-CODE
31 – UNPACKING – Definitions BASIC
32 – UNPACKING – SEARCH OPCODES, Olly FINDER EPO, PUSHADD METHOD, METHOD EXCEPTIONS, widely used API method, METO EXECUTED FIRST API
33 – UNPACKING – IS IAT and how to repair
34 – UNPACKING – using PE TOOLS, ImpREC
35 – UNPACKING – WITH OllyDump, ImpREC (EXAMPLE ASPACK)
36 – UNPACKING – WITH OllyDump, ImpREC (OTHER PRACTICAL EXERCISE)
37 – UNPACKING – REPAIR redirected TICKETS
38 – UNPACKING – REPAIR redirected TICKETS
39 – STOLEN BYTES AND SCRIPTS
40 – SCRIPTS (UNPACKING THE PELock)
41 – SCRIPTS (CONT UNPACKING THE PELock.)
42 – UNPACKING – STOLEN BYTES (ACPROTECT 1.09)
43 – UNPACKING – REPAIR STOLEN BYTES (ACPROTECT 1.09)
44 – UNPACKING – REPAIR IAT – SCRIPTS (ACPROTECT 1.09)
45 – UNPACKING – REPAIR IAT – DUMPEADO (ACPROTECT 1.09)
46 – UNPACKING – FATMIKE
47 – UNPACKING – FATMIKE (Part 2)
48 – UNPACKING – 1,304 PESpin
49 – UNPACKING – REPAIR IAT – PESpin 1,304 (Part 2)
50 – UNPACKING – ANOTHER EXAMPLE
51 – UNPACKING – Asprotect
52 – UNPACKING – Asprotect (CONTINUED)
53 – UNPACKING – Asprotect (CONTINUED)
54 – UNPACKING – EXECryptor
55 – UNPACKING – EXECryptor (CONTINUED) – IAT SCRIPT TO REPAIR
56-EXECryptor v2.2.50.b unshelling
57-EXECryptor v2.2.50.c/d/e/f/g unshelling
58-EXECryptor v2.2.50.h unshelling

Only for V.I.P