Reverse Engineering Resources and references
When diving into a new area of study—or revisiting topics previously explored—it’s incredibly valuable to document the resources that guide your learning journey. After years of working directly with customers in a support role, I’ve come to deeply appreciate the importance of having a well-organized reference point for future review. With that in mind, I’d like to share the key resources I’m currently using to deepen my understanding of reverse engineering and malware analysis.
- https://guyinatuxedo.github.io/index.html – A highly detailed and accessible guide to binary exploitation, covering essential tools and techniques. This resource excels at breaking down complex concepts into understandable components—ideal for building a solid foundation.
- Evasive Malware – Kyle Cucci (No Starch Press) – An excellent deep dive into modern malware evasion techniques (anti-analysis, anti-debugging, sandbox detection and the like). The content is technical but well-paced, offering new insights without being overwhelming. It has already challenged many of my assumptions and broadened my perspective.
- “Blue Fox: Arm Assembly Internals and Reverse Engineering” by Maria Markstedter (Azeria) – A go-to reference for understanding the Arm architecture and reverse engineering practices on it. I’ve returned to this book time and time again; it is not only insightful but widely respected in the infosec community. Maria’s work is so impactful that even Arm themselves have taken notice.
- Binary Exploitation – HackTheBox paths – Practical, challenge-based learning focused on real-world binary exploitation techniques. These paths are great for reinforcing theory with hands-on experience and are a strong supplement to more academic materials.
- VX-Underground – VX-Underground has built up one of the largest malware sample collections on the internet, provides access to it free of charge, and is funded mostly by donations. Alongside the samples, they host a large library of malware-related white papers which are extremely useful to reference and read through.
Tools
- Ghidra – This one speaks for itself. After the NSA publicly released its software reverse engineering framework (open-sourced in 2019), it makes sense to add it to the list: disassembler, decompiler and scripting in one package. Really awesome to use, but not perfect, so keep a debugger alongside it for the cases where the decompiler output does not match what actually runs.
- iaito – The official GUI for radare2. radare2 itself is a command-line reverse engineering framework (cross-platform, though most at home in a Unix shell), and since my current setup is a Windows box, driving it through the GUI makes the most sense. It provides a lot of core functionality within one tool (strings, imports, cross-references and disassembly) rather than having to extract strings, imports and similar across multiple tools, which streamlines the process.
- OllyDbg – This was where looking at assembly all began for me, when I was “involved” with the COD4X project somewhat by beta testing some client-side anti-cheat measures: injecting cheats, understanding where they broke, and noting at what memory offsets things crashed. I loved COD4 a lot and I am glad that this was my first exposure. COD4X is still used to fix some nasty RCE vulnerabilities that existed in the core client of Call of Duty for many years (the same bugs and exploits were active in MW2 and Black Ops, for example) and, whilst fan-made, is very much loved within the community. Anyway, OllyDbg is awesome. Bear in mind it is a 32-bit-only debugger and is no longer actively developed, which is why most people (myself included, see below) have moved on.
- PEStudio – Useful for static triage of malware and Windows executables: it surfaces PE header details, imports, strings and other indicators without executing the sample, which is exactly the first pass you want before opening a debugger.
- x64dbg – An open-source x64/x32 debugger for Windows that is still under active development. When my eyes tired a bit of OllyDbg after all those years I moved to x64dbg, before Ghidra was released, and it has stayed in every one of my Windows builds since.
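Two of the tools above (iaito and PEStudio) are listed partly because they pull strings and imports out of a sample in one place. As an added example that is not part of the original post and not taken from any of those tools, the script below does the most basic version of that job in pure Python and makes one point that trips people up in static triage: Windows binaries keep many of their interesting strings as UTF-16LE, which a plain ASCII `strings` pass silently misses. The input blob, the API watchlist and the minimum length are all constructed for illustration.

```python
import re

# Constructed sample: a fake binary blob with a short DOS header, one ASCII
# API name, some noise bytes, one UTF-16LE path (as Windows executables
# commonly store strings), and two runs that are too short to report.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 12
    + b"CreateRemoteThread\x00"
    + b"\x7f\x01\x02"
    + "C:\\Windows\\System32\\cmd.exe".encode("utf-16-le") + b"\x00\x00"
    + b"ab\x00"
    + b"\xff\xfeHi\x00"
)

# Hypothetical watchlist: APIs that together suggest process injection.
INJECTION_APIS = {
    "OpenProcess", "VirtualAllocEx", "WriteProcessMemory",
    "CreateRemoteThread", "NtQueueApcThread", "SetWindowsHookExA",
}


def extract_strings(data, min_len=4):
    """Return (offset, encoding, text) for every printable run of at least
    min_len characters, in both ASCII and UTF-16LE, sorted by offset."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    # UTF-16LE printable ASCII is one printable byte followed by a NUL byte.
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = []
    for m in ascii_re.finditer(data):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in wide_re.finditer(data):
        found.append((m.start(), "utf-16le", m.group().decode("utf-16-le")))
    found.sort()
    return found


def flag_suspicious(strings):
    """Names from the watchlist that appear among the extracted strings."""
    return sorted({text for _, _, text in strings if text in INJECTION_APIS})


if __name__ == "__main__":
    hits = extract_strings(SAMPLE)
    for offset, enc, text in hits:
        print("0x%04x %-8s %s" % (offset, enc, text))
    print("watchlist hits:", flag_suspicious(hits))
```

Running it lists the ASCII API name and the wide path with their offsets; drop the second regex and the path disappears, which is the whole reason PEStudio and radare2 both scan for wide strings by default. A real triage pass would also parse the import directory rather than trust free-floating strings, since packed samples resolve APIs at runtime and show nothing in either.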