The AddressOfEntryPoint and Tips for Finding Main in PE Files

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore the intricacies of the AddressOfEntryPoint field in PE file formats and learn effective techniques for locating the main function in this 13-minute video. Dive into sample binaries, compiling processes, and the use of 010 Editor to find the AddressOfEntryPoint. Examine the 32-bit PE file layout and discover valuable tips for identifying the main function. Investigate arguments for main in x64 binaries and analyze the start point in a packed binary, using Lockbit 3.0 as an example. Gain insights into cybersecurity, reverse engineering, and malware analysis through this informative tutorial by Dr. Josh Stroschein.

Syllabus

Sample Binaries
Compiling
Finding AddressOfEntryPoint in 010 Editor
32-Bit PE file layout
Tips for Finding Main
Arguments for main in x64 binary
Start in a packed binary Lockbit 3.0

Taught by

Dr Josh Stroschein

Reviews

Start your review of The AddressOfEntryPoint and Tips for Finding Main in PE Files

Taught by

Finding Digital Certificates in PE File Format

TLS Callbacks in PE Files - Detection and Analysis

PE File Format Basics for Malware Analysis and Reverse Engineering - MM#08

Binee - Complete Emulation of Advanced Malware

7 Best Reverse Engineering Courses for 2024

Never Stop Learning.