Saved February 14, 2026
This article details the process of reverse-engineering the Epomaker Galaxy100 keyboard firmware to enable custom key mappings. The author faces limitations with the VIA configuration tool and explores methods to modify the firmware directly using tools like Ghidra and wb32-dfu-updater.
The Epomaker Galaxy100 keyboard has a solid sound profile but suffers from an inadequate configuration interface. Unlike Keychron's user-friendly UI, the Galaxy100 relies on VIA, which limits functionality. Users can't map function keys to F1-F12 while also retaining macOS features like Launchpad and Mission Control. When attempting to save changes, VIA inadvertently breaks these mappings, necessitating a complete keyboard reset to restore them. This frustration led the author to explore firmware modifications.
The author encountered several obstacles while navigating the official firmware. The provided repo didn't compile, the bootloader access instructions were incorrect, and wireless functionality was unsupported. These issues highlighted potential violations of the QMK license. Rather than giving up, the author opted to reverse-engineer the firmware using Ghidra, motivated by a desire to learn and a belief that it would be straightforward.
First, the author identified the microcontroller as an ARM Cortex-M3, gathering essential information regarding memory mapping. After dumping the firmware using a specific DFU tool, a hexdump revealed the expected structure, including the Interrupt Vector Table. Importing the binary into Ghidra required setting up accurate memory mappings to ensure proper analysis. The goal was clear: swap key mappings between the default layer and the Fn-pressed layer. The author aimed to enhance their understanding of reverse engineering while solving a practical issue with the keyboard functionality.
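A check of the kind described above, confirming that a raw dump starts with a plausible Cortex-M Interrupt Vector Table before it is loaded into Ghidra at a chosen base address. This is an added example, not code from the article; the flash and SRAM ranges are assumptions to be replaced with the values from the microcontroller's datasheet, and the sample bytes are constructed.

```python
import struct

# Assumed memory map (not stated on the page): values typical of Cortex-M3
# parts; take the real ones from the MCU datasheet.
FLASH_BASE, FLASH_SIZE = 0x08000000, 0x40000
SRAM_BASE, SRAM_SIZE = 0x20000000, 0x10000

# ARMv7-M core exception slots; index 0 is the initial stack pointer.
CORE_VECTORS = {1: "Reset", 2: "NMI", 3: "HardFault", 4: "MemManage",
                5: "BusFault", 6: "UsageFault", 11: "SVCall",
                12: "DebugMon", 14: "PendSV", 15: "SysTick"}

def parse_vector_table(image: bytes) -> dict:
    """Return the initial SP and core handler addresses of a raw dump."""
    if len(image) < 64:
        raise ValueError("dump too short to hold the 16 core vectors")
    words = struct.unpack_from("<16I", image, 0)
    handlers = {name: words[i] for i, name in CORE_VECTORS.items()}
    return {"initial_sp": words[0], "handlers": handlers}

def check_vector_table(table: dict) -> list:
    """List the reasons the table does not look like one loaded at FLASH_BASE."""
    problems = []
    sp = table["initial_sp"]
    if not (SRAM_BASE < sp <= SRAM_BASE + SRAM_SIZE) or sp % 4:
        problems.append(f"initial SP {sp:#010x} not a word-aligned SRAM address")
    for name, addr in table["handlers"].items():
        if addr == 0 and name != "Reset":   # unused slots may be zero
            continue
        if not addr & 1:                    # Cortex-M executes Thumb code only
            problems.append(f"{name} {addr:#010x} lacks the Thumb bit")
        elif not (FLASH_BASE <= addr - 1 < FLASH_BASE + FLASH_SIZE):
            problems.append(f"{name} {addr:#010x} points outside flash")
    return problems

def make_sample() -> bytes:
    """Constructed 64-byte image head, not taken from any real firmware."""
    words = [0x20005000, 0x08000145] + [0x08000191] * 5 + [0] * 4 \
          + [0x08000191, 0x08000191, 0, 0x08000191, 0x080001A5]
    return struct.pack("<16I", *words)

if __name__ == "__main__":
    t = parse_vector_table(make_sample())
    print(hex(t["initial_sp"]), check_vector_table(t) or "vector table plausible")
```

An empty problem list supports the chosen base address; handlers that fall outside flash usually mean the dump starts at an offset (for example after a bootloader region) and the Ghidra memory block should be rebased accordingly.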