A three year long roadmap to teach myself compiler dev, malware reverse engineering and kernel dev fundamentals. To be noted they are only for the fundamental knowledge and doesn't make you a master of any. I will pick one or more of the below mentioned fields for later research in some specific topics. Low Level Programming University is also a great resource to follow but this is my personal roadmap.
Topics to study here may or may not be in order and can be studied according to your preference, gievn that prerequisites are getting fulfilled for each one of them.
I'm already assuming that you have basic understanding of computer architecture and experience with atleast one system programming language, some basics of how assembly works and familiar using any POSIX system.
Learn any two of the given languages, make some basic projects to get yourself familiar with it, solve some programming exercises.
If you are not familiar with assembly yet, I would recommend to check out some tutorials like-
- Introduction to x86 assembly language by Davy on youtube
- OMU x86_64 lessons
- x86 Asm
- The Art Of Asm
- Even Manuals are great sources of learning.The manuals for processor can easily be found using a Google search ("Intel Manuals," "ARM manuals)
- And making C programs and reading the disassembly always helps to match patterns.
- Article by 0x41 reversing for dummies to be able to reverse basic crackmes.
After this I would recommend to solve easy crackmes for exercise. crackmes.one and tryhackme is a good place to find some of the easy ones. Hard ones still require some pwning knowledge which I'm gona discuss in the exploitation section.
Prerequisites include experience creating projects in a system programming language and deep understanding of memory and CPU.
- Read the Dragon Book.
- Crafting Interpreters is a good one for beginners.
- Awesome Compilers
- Make a Language in Rust
- Rust Parsing Basics
- Make an interpreted programming language.
- Make a source to source compiler (or transpiler).
- Try to make a compiled programming language targetting one architecture.
- Learn about the LLVM toolchain
- LLVM tutorial in Rust
- Try to follow the llvm tutorial to make your first programmging language using llvm backend.
- Make a Just In Time Compiler
- Experiment with the toolchain to create custom backends as well.
- My discord server lang-dev section
Prerequisites include experience with assembly.
- pwn.college is the best learning resource I got so far for exploitation. From assembly to kernel exploitation, it covers it all.
- gdb guide
- Introduction to exploit development
- OMU exploitation labs
- LiveOverflow's binexp series on youtube
- Tutorial by 0xinfection
- Exploit dev on the infosec reference
- ROP Emporium
- Windows exploit dev
- After learning about some exploitation, you can solve CTFs now. Some of them include:
- pwnable.kr
- Exploit Education VMs
- Overthewire wargames covering exploitation
- HackTheBox challenges based on binary exploitation
Prerequisites include high level knowlegde of VM internals, and solid understanding and experience with Compiler Engineering
- Development
- Create a basic html dom parser Rust
- Toy browser engine, Browser engine from scratch
- JavaScript bytecode VM Andreas Kling
- Browser Parsing & JS AST Anderas Kling
- Inside look at modern browser
- Adventures in JIT compilation
- Network Programming Rust Networking, Rust std::net,C
- After learning about parsing, rendering and JIT, you can now make your own browser with basic APIs and minimal features, following the whatwg standards
- Exploitation: (learn some binary exploitation and workings of the browser) To learn more about the browser, you can learn how to exploit/reverse engineer some.
Prerequisites includes high level understanding of windows and solid reverse engineering skills.
- Practical Malware Analysis
- Malware analysis bootcamp by hackersploit
- CS5138 Malware Analysis, UC
- After learning basics of malware reversing and behaviour, you can now move to reversing some real samples of those.
- Labs by Malware Unicorn
- VX Underground - The largest collection of malware source code, samples, and papers on the internet.
- Malware section from the infosec reference
I'm not quite sure that I want to get into kernel development (yet) but the concepts seem cool and its a good idea for a vacation project or assignments for my OS classes in university. Make sure to read the requirements before getting started.
- OS Dev Wiki is the goto place if you want to learn about OS. It's well documented and also helps eyes to bleed.
- Linux Kernel Labs
- Tutorials Section from awesome OS on github
- Making An OS - youtube
- My discord server's OS dev channel to get some more resources and books.
- Broken Thorn's Tutorial
- Little OS Book
- OS in 3 pieces
Lists of VM internals to study while making progress in compiler engineering and Browser development.