Why do I learn and practice reverse engineering as a web developer?

How did it get started?

During my university days 15 years ago while I was studying mechanical engineering, I got introduced to a CTF contest. It was a beginner-level CTF, and as a part of the preparation kit, they handed over a bunch of resources. Among them, one was Lena’s Reversing for Newbies tutorials. Even though I was not able to complete all 40 lessons, I gained some insights on what it means to understand software from the other side.

What are the benefits of learning reverse engineering?

At the start, I learned how to debug better than I did before. Mentally run through the logic, trace the steps and its variables, and decipher the encryption and encoding logic, automation, finding hidden information, etc.

Later, while I was working as a frontend developer, reverse engineering skills helped me to think better, to harden the system, to think about what a malicious actor can perform on the websites, etc.

What do I do nowadays with this skill?

I mostly enjoy breaking the security of the website by analyzing the JavaScript and the minified code and extracting useful or sensitive information just for the sake of pure joy. I do not intend to disclose it to anyone, even to the site owner, because I don’t want to engage in conversation that I don’t like.

What do I want to do with reverse engineering skills?

First of all, I don’t have the skills that are required for the industry to sustain a reverse engineering career. Back in the days when I was learning from Lena151, I developed an interest in malware analysis. In between, I paused all my passion for malware reverse engineering, and now I am reviving it back. Learning assembly language, C, C++, and Rust is fun (well, not Rust). I am also learning about malware development myself so that I know what I am reversing. This is a huge space to explore, and there are many pioneers ahead of me, and I look forward to learning from them.