undefined | Better HN

0 pointsmfukar16y ago0 comments

Actually, no. If you're dealing with obfuscation, IDS and antivirus evasion etc. you need to know how to read, write and otherwise manipulate assembly code (debug, self-modification, name-it).

0 comments

tptacek16y ago

First, for dealing with obfuscation and evasion, you're reading, not writing.

Second, for every 100 people that talk about e.g. self-modifying viruses or shellcode, there is perhaps 1 person who can actually write something soup-to-nuts, and maybe 5-10 more who can modify that code to make it do something new.

Reading assembly is important for security research. Writing, not as much.

j / k navigate · click thread line to collapse

0 pointsmfukar16y ago0 comments

Actually, no. If you're dealing with obfuscation, IDS and antivirus evasion etc. you need to know how to read, write and otherwise manipulate assembly code (debug, self-modification, name-it).

0 comments

tptacek16y ago

First, for dealing with obfuscation and evasion, you're reading, not writing.

Reading assembly is important for security research. Writing, not as much.

j / k navigate · click thread line to collapse