My last post in Drupal-based blog

Hi everyone! This is my last post in this Drupal-based blog.
I stepped aside from Drupal since it requires a lot of maintenance.
On the other hand, web1.0 + m4 + git + rsync takes much less maintenance, if at all.
My new old-school strictly web1.0 blog is:
RSS redirection is seems already working, so you shouldn't see this post in your RSS reader. But you may update your URL if you wish, new one is:
Drupal-based blog will be alive for some time. I'll migrate all posts eventually from here.

Using Z3 theorem prover to prove equivalence of some bizarre alternative to XOR operation.

There is a "A Hacker's Assistant" program (Aha!) written by Henry Warren, who is also the author of the great "Hacker's Delight" book.
The Aha! program is essentially superoptimizer, which blindly brute-force a list of some generic RISC CPU instructions to achieve shortest possible (and jumpless or branch-free) CPU code sequence for desired operation.


Korean publication of "Reverse Engineering for Beginners" book is available for pre-order!

I'm very happy to announce that Acorn publisher in South Korea did huge amount of work in translating and publishing my "Reverse Engineering for Beginners" book in Korean language.

Now it's available for pre-order at their website:
It's also available in South Korean shops:
How it looks like: Side A, Side B.
It's 1160 pages. The content is the same as it is in open-source form right now, but it's translated and professionally edited and prepared.
I also in debt to Byungho Min (@tais9), who translated my book in Korean language.
Cover pictures was done by my artist friend Andy Nechaevsky:
So if you want to have a "real" book on your shelf in Korean language and/or want to support my work, now you may buy it.

English and Russian versions are still available here:


I'm looking for a publisher who may want to translate and publish my "Reverse Engineering for Beginners" book to a language other than English/Russian, under condition that English/Russian version will remain freely available in open-source form.
Interesting? dennis(a)

"Reverse Engineering for Beginners" free book news


Still working on my "Reverse Engineering for Beginners" free book, now it's ~790 pages!
Among news: a lot of OllyDbg and GDB examples/screenshots are added, A5 version for e-book readers available, much more examples and code patterns (including ARM64).
For Oracle hardcore geeks there are also two examples added: reverse engineering of simple proprietary binary files (.SYM and .MSB files: page 655 in English version).
Just took a fancy domain for website dedicated to the book:
There are also supporting forum, almost silent yet:
Oh, and please donate. The book is free and well be so:
And please do not hesitate to correct my mistakes, my English language is still horrible.


Couple of win32 PE patching utilities

Just made two more win32 PE patching utilities:

These useful for automated patching and may be used in pair.


Cracking simple hash-function using Z3 SMT-solver

Just added about cracking simple hash-function using Z3 SMT-solver (page 393):
This can be interesting for computer programmers in general, not just to reverse engineers.

Another my article about it Z3 SMT-solver:

If you want to read more like this, please donate! :-)


My "Reverse Engineering for Beginners" book

I'm still working on my book.
In past half-year I added information about C++ STL internals, which could be interesting not only for reversers, but for C++ programmers as well.
There are also example of OpenMP internals (which also could be interesting for general programmers).
Full list of changes:

PE add imports

Just upgraded my PE_add_imports utility intended to add imports to the existing compiled .exe-file.
Now multiple symbols are supported, as well as x64 executables.


Convert to sparse file utility (win32)

Just wrote utility intended for converting files into sparse ones on Windows NTFS file system.
Sparse files are those in which long zero blocks are not stored on hard disk, but replaced to information about them (metadata) instead.
These files are very useful for saving space on storing half-empty ISO files, half-downloaded torrent files, virtual machine disk images.

I need it primarily for VMware WS disk images "compressing".
I suppose, many other Oracle specialists use VMware machines with a lot of Oracle versions as well :-)

More about them:

Compiled executable file:

That is how it looks after converting:

This one-liner is to be run inside of *NIX virtual machine to write zeroes to unused parts of file system:

dd if=/dev/zero of=empty_file; rm empty_file