this post was submitted on 17 Feb 2026

General Programming Discussion


Say I have a binary file without the source code available, how do I get started understanding how it works?

I found some sources:

Can I spot places in the code that make network connection attempts, deobfuscate spyware?

top 3 comments
[–] Object@sh.itjust.works 4 points 1 week ago* (last edited 1 week ago) (1 children)

For network calls, they probably have socket-related system calls in the binary file; that would be my second step in reversing. First step would be to try things like Wireshark to intercept the network calls only, as that would be a lot cleaner.

[–] Flyswat@lemmy.ml 1 points 1 week ago (1 children)

When you say "intercept the network calls" with Wireshark, are you able to hook Wireshark to a selected binary so that it shows its network traffic?

[–] Object@sh.itjust.works 1 points 1 week ago

I don't really know much about how capable Wireshark filtering is to be honest. I usually can filter out what I think are background noises, and it has been enough for me so far. No clue if Wireshark allows filtering by process ID.
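
On the per-process question in this thread: on Linux, one way to tie TCP sockets to a single process is to match the socket inodes under `/proc/<pid>/fd` against the rows of `/proc/net/tcp`. This is an added example, not code from any commenter; it assumes Linux, IPv4 TCP and a little-endian host, and the table and fd links embedded in it are constructed sample data.

```python
import os
import re
import socket
import struct

STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "0A": "LISTEN"}  # subset
# Constructed sample in /proc/net/tcp layout, not captured from a real host.
SAMPLE_TABLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 40001 1 0000000000000000 100 0 0 10 0
   1: 0F02000A:C350 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 40002 1 0000000000000000 20 4 30 10 -1
"""
# Constructed /proc/<pid>/fd link targets for the process under study.
SAMPLE_FD_LINKS = ["/dev/null", "socket:[40002]", "pipe:[39990]"]

def decode_addr(field):
    """'0F02000A:C350' -> ('10.0.2.15', 50000); assumes a little-endian host."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def parse_table(text):
    """Parse /proc/net/tcp text into a list of connection dicts."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 10:
            continue                            # ignore truncated lines
        rows.append({"local": decode_addr(f[1]), "remote": decode_addr(f[2]),
                     "state": STATES.get(f[3], f[3]), "inode": int(f[9])})
    return rows

def fd_links(pid):
    """Link targets of a live PID's open fds (needs same user or root)."""
    base = f"/proc/{pid}/fd"
    out = []
    for name in os.listdir(base):
        try:
            out.append(os.readlink(os.path.join(base, name)))
        except OSError:
            pass                                # fd closed while we were reading
    return out

def connections_for(links, table_text):
    """TCP sockets in the table whose inode the process holds open."""
    owned = {int(m.group(1)) for l in links
             if (m := re.fullmatch(r"socket:\[(\d+)\]", l))}
    return [r for r in parse_table(table_text) if r["inode"] in owned]
```

On a live system, `connections_for(fd_links(pid), open("/proc/net/tcp").read())` lists the endpoints for one PID, which can then be used as address and port filters in a packet capture.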