When starting out as a reverse engineer or malware analyst, it is often tempting to trust your disassembler to correctly resolve the various bytes into code or data. However, to become an expert, it is important to gain as much insight as possible into the Instruction Set Architecture (ISA) of the chip you are working with. This opens many new possibilities: polymorphic code becomes easier to handle, and you become able to use some custom disassembly techniques in your own rootkits or understand these techniques when used by others.