You don’t need to know assembly. You don’t need prior reversing experience. You need curiosity and this guide.
This is a complete, beginner-to-advanced series on reverse engineering Windows executables using OllyDbg. By the time you finish, you’ll be able to trace serial number algorithms, bypass anti-debugging protections, and unpack heavily protected executables from scratch.
How to Use This Index
- Parts are released progressively. If a part has no link, it hasn’t been published yet.
- Work through phases in order. Each phase builds on the last.
- Stuck? Re-read the previous part before moving forward.
- Bookmark this page it’s your home base for the entire series.
Series Overview
| Phase | Theme | Parts |
|---|---|---|
| Phase 1 | Getting Your Bearings | 1–5 |
| Phase 2 | Assembly You Actually Need | 6–12 |
| Phase 3 | Controlling Execution | 13–18 |
| Phase 4 | Serial Numbers & Keygens | 19–26 |
| Phase 5 | Anti-Debugging Techniques | 27–34 |
| Phase 6 | Exception Handling & VB Programs | 35–40 |
| Phase 7 | Unpacking — The Deep End | 41–50 |
| Phase 8 | Advanced Unpackers | 51–60 |
Series Status
Actively being written. New parts drop regularly.
Parts without links = not yet published. Check back soon.
Phase 1 - Getting Your Bearings
Before you reverse anything, you need to see the world the way a CPU does.
This phase gives you the foundation. You’ll learn what reverse engineering actually is, get comfortable inside OllyDbg, and touch real assembly for the first time. Don’t rush it - everything else is built on this.
| # | Title | Link |
|---|---|---|
| Part 1 | What is Reverse Engineering? Why OllyDbg? | What is Reverse Engineering? And Why Am I Using OllyDbg? |
| Part 2 | OllyDbg Interface Tour - Every Window Explained | How to Read Disassembly in OllyDbg: A Beginner’s Guide |
| Part 3 | Number Systems - Hex, Decimal, Binary with Real Examples | Hex vs Binary vs Decimal: Explained for Programmers and Reverse Engineers |
| Part 4 | CPU Registers - What They Are and Why They Matter | CPU Registers Explained: What They Are and Why They Matter in Reverse Engineering |
| Part 5 | Your First Look at Assembly - Reading Code Like a Reverser | How to Read Assembly Code for Reverse Engineering |
Phase 2 - Assembly You Actually Need
You don’t need to memorize x86. You need to recognize patterns.
Most reversing guides either skip assembly or drown you in it. This phase is different you learn exactly the instructions that show up in real targets, with real examples from inside OllyDbg. No textbook fluff.
| # | Title | Status |
|---|---|---|
| Part 6 | MOV, PUSH, POP - Moving Data Around |  (coming soon) |
| Part 7 | ADD, SUB, MUL, DIV - Math in Assembly | (coming soon) |
| Part 8 | CMP and Conditional Jumps - How Programs Make Decisions | (coming soon) |
| Part 9 | CALL and RET - How Functions Work Under the Hood | (coming soon) |
| Part 10 | Loops and String Instructions | (coming soon) |
| Part 11 | Addressing Modes - Direct, Indirect, and Everything Between | (coming soon) |
| Part 12 | Stack Frames - How Functions Manage Memory | (coming soon) |
Phase 3 - Controlling Execution
This is where OllyDbg stops being a viewer and becomes a weapon.
Breakpoints, tracing, searching this phase is pure hands-on OllyDbg mastery. By the end, you’ll be able to pause any program at exactly the right moment, read its memory, and understand what it’s doing in real time.
| # | Title | Status |
|---|---|---|
| Part 13 | Breakpoints Pause the Program, Read Its Mind | (coming soon) |
| Part 14 | Hardware Breakpoints and Conditional Breakpoints | (coming soon) |
| Part 15 | Message Breakpoints Hooking Windows Events | (coming soon) |
| Part 16 | Tracing Step Into, Step Over, Run Until | (coming soon) |
| Part 17 | Searching Find Strings, Patterns, and Constants | (coming soon) |
| Part 18 | Dumping Memory and Saving Patches | (coming soon) |
Phase 4 — Serial Numbers & Keygens
Your first real targets. Real programs. Real serial checks.
This is where the theory clicks into place. You’ll trace actual serial number validation routines, understand how programs verify licenses, and eventually write a keygen that generates valid serials from scratch.
| # | Title | Status |
|---|---|---|
| Part 19 | Tracing Hard-coded Serials - Part 1 | (coming soon) |
| Part 20 | Tracing Hard-coded Serials - Part 2 | (coming soon) |
| Part 21 | Tracing Hard-coded Serials - Part 3 | (coming soon) |
| Part 22 | Serial Generation Algorithm Analysis - Part 1 | (coming soon) |
| Part 23 | Serial Generation Algorithm Analysis - Part 2 | (coming soon) |
| Part 24 | Serial Generation Algorithm Analysis - Part 3 | (coming soon) |
| Part 25 | Writing a Keygen From Scratch | (coming soon) |
| Part 26 | Patching Binaries - NOP, JMP, and Byte Editing | (coming soon) |
Phase 5 - Anti-Debugging Techniques
Programs fight back. Here’s how to win.
Once developers know reversers exist, they add traps. This phase is entirely about those traps how they work, why they work, and how to neutralize every single one. This is where your reversing skills get genuinely serious.
| # | Title | Status |
|---|---|---|
| Part 27 | What is Anti-Debugging? The Cat and Mouse Game | (coming soon) |
| Part 28 | IsDebuggerPresent The Simplest Check and How to Beat It | (coming soon) |
| Part 29 | Detecting OllyDbg by Process Name | (coming soon) |
| Part 30 | Window Class and Title Detection | (coming soon) |
| Part 31 | UnhandledExceptionFilter and ZwQueryInformationProcess | (coming soon) |
| Part 32 | ProcessHeap, NTGlobalFlag, OutputDebugStringA | (coming soon) |
| Part 33 | Timing Attacks RDTSC and GetTickCount | (coming soon) |
| Part 34 | Comprehensive Anti-Debug Exercise | (coming soon) |
Phase 6 - Exception Handling & Visual Basic Programs
Two things that confuse every beginner. Demystified.
SEH (Structured Exception Handling) looks like magic until you understand it — then you realize it’s one of the most powerful reversing tools available. VB programs have their own quirks that trip people up. This phase handles both.
| # | Title | Status |
|---|---|---|
| Part 35 | How Windows Exception Handling Works SEH Basics | (coming soon) |
| Part 36 | Using Exceptions as Anti-Debug Tricks | (coming soon) |
| Part 37 | Cracking Visual Basic Programs - Part 1 | (coming soon) |
| Part 38 | Cracking Visual Basic Programs - Part 2 | (coming soon) |
| Part 39 | Cracking Visual Basic Programs - Part 3 | (coming soon) |
| Part 40 | P-CODE When VB Compiles Differently | (coming soon) |
Phase 7 - Unpacking: The Deep End
The protection layer between you and the real code. Time to remove it.
Packers compress and encrypt executables to hide their code from reversers. Unpacking is the art of peeling that layer off. This is considered advanced but by Phase 7, you’re ready. We start slow and build up to scripted automation.
| # | Title | Status |
|---|---|---|
| Part 41 | What is a Packer? What is a Shell? | (coming soon) |
| Part 42 | Finding the OEP - The Core Skill of Unpacking | (coming soon) |
| Part 43 | What is IAT and Why Does It Break After Unpacking? | (coming soon) |
| Part 44 | Manually Unpacking UPX Step by Step | (coming soon) |
| Part 45 | ASPack Unpacking | (coming soon) |
| Part 46 | IAT Redirection - What It Is and How to Fix It | (coming soon) |
| Part 47 | Stolen Bytes - When OEP Code Goes Missing | (coming soon) |
| Part 48 | AntiDump - What It Is and How to Beat It | (coming soon) |
| Part 49 | Writing OllyDbg Scripts to Automate Unpacking | (coming soon) |
| Part 50 | Yoda’s Crypter Unpacking | (coming soon) |
Phase 8 - Advanced Unpackers
The final boss tier. Industrial-grade protections, taken apart piece by piece.
ACProtect, PeSpin, ASProtect, EXECryptor — these are the protections that stop most reversers cold. This phase is for those who made it through everything else. No shortcuts, no hand-holding. Just deep, methodical unpacking.
| # | Title | Status |
|---|---|---|
| Part 51 | ACProtect - Finding OEP, Bypassing HW Breakpoint Detection | (coming soon) |
| Part 52 | ACProtect - Fixing IAT with a Script | (coming soon) |
| Part 53 | ACProtect - Defeating AntiDump | (coming soon) |
| Part 54 | ReCrypt v0.80 Unpacking | (coming soon) |
| Part 55 | PeSpin Unpacking - Part 1 | (coming soon) |
| Part 56 | PeSpin Unpacking - Part 2 | (coming soon) |
| Part 57 | ASProtect Unpacking - Part 1 | (coming soon) |
| Part 58 | ASProtect Unpacking - Part 2 | (coming soon) |
| Part 59 | EXECryptor - The Final Boss (Multi-part) | (coming soon) |
| Part 60 | Series Wrap-up - Where to Go From Here | (coming soon) |
Tools Used in This Series
| Tool | Purpose | Download |
|---|---|---|
| OllyDbg 1.10 | Primary debugger | ollydbg.de |
| OllyDbg 2.01 | Used in later chapters | ollydbg.de |
| PEiD | Identify packers | (bundled with practice files) |
| ImportREC | IAT repair after unpacking | (bundled with practice files) |
| LordPE | PE editor and dumper | (bundled with practice files) |
Notes
- This series is for educational purposes - understanding software protections through reverse engineering.
- All practice targets used in this series are either purpose-built crackmes or freeware tools with no commercial harm.
- If you’re brand new, start at Part 1 and don’t skip. The series is designed so every part earns the next one.