tag:blogger.com,1999:blog-27380923.post115033506011310111..comments2022-04-07T00:06:55.658-07:00Comments on Yet Another Infosec Blog: A Study in Reverse Code Engineering (RE)ryanhttp://www.blogger.com/profile/05352225670495281525noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-27380923.post-1151163483216825082006-06-24T08:38:00.000-07:002006-06-24T08:38:00.000-07:00Interesting post. I'm also reversing code, mostly ...Interesting post. I'm also reversing code, mostly malware.<BR/><BR/>XOR EAX, EAX sets the EAX register to 0. XOR REG, REG is often used to set registers to 0, as it takes only 2 bytes (33 C0) instead of 5 bytes for MOV EAX, 0 (B8 00 00 00 00).<BR/><BR/>I just started a blog, reversing will be one of the topics: http://didierstevens.com<BR/><BR/>Have you heard about the IDA Pro disassembler: http://www.datarescue.com/idabase/<BR/>There's also a freeware version: http://www.programmersheaven.com/zone5/cat460/37637.htm<BR/><BR/>DidierAnonymousnoreply@blogger.com