Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The AddressOfEntryPoint and Tips for Finding Main in PE Files

Dr Josh Stroschein via YouTube

Overview

Explore the intricacies of the AddressOfEntryPoint field in PE file formats and learn effective techniques for locating the main function in this 13-minute video. Dive into sample binaries, compiling processes, and the use of 010 Editor to find the AddressOfEntryPoint. Examine the 32-bit PE file layout and discover valuable tips for identifying the main function. Investigate arguments for main in x64 binaries and analyze the start point in a packed binary, using Lockbit 3.0 as an example. Gain insights into cybersecurity, reverse engineering, and malware analysis through this informative tutorial by Dr. Josh Stroschein.

Syllabus

Sample Binaries
Compiling
Finding AddressOfEntryPoint in 010 Editor
32-Bit PE file layout
Tips for Finding Main
Arguments for main in x64 binary
Start in a packed binary Lockbit 3.0

Taught by

Dr Josh Stroschein

Reviews

Start your review of The AddressOfEntryPoint and Tips for Finding Main in PE Files

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.