- 436 pages
- English
- ePUB (mobile friendly)
About This Book
Implement reverse engineering techniques to analyze software, exploit software targets, and defend against security threats like malware and viruses.
Key Features
- Analyze and improvise software and hardware with real-world examples
- Learn advanced debugging and patching techniques with tools such as IDA Pro, x86dbg, and Radare2.
- Explore modern security techniques to identify, exploit, and avoid cyber threats
Book Description
If you want to analyze software in order to exploit its weaknesses and strengthen its defenses, then you should explore reverse engineering. Reverse Engineering is a hacker-friendly tool used to expose security flaws and questionable privacy practices. In this book, you will learn how to analyse software even without having access to its source code or design documents. You will start off by learning the low-level language used to communicate with the computer and then move on to covering reverse engineering techniques. Next, you will explore analysis techniques using real-world tools such as IDA Pro and x86dbg. As you progress through the chapters, you will walk through use cases encountered in reverse engineering, such as encryption and compression, used to obfuscate code, and how to identify and overcome anti-debugging and anti-analysis tricks. Lastly, you will learn how to analyse other types of files that contain code.
By the end of this book, you will have the confidence to perform reverse engineering.
What you will learn
- Learn core reverse engineering
- Identify and extract malware components
- Explore the tools used for reverse engineering
- Run programs under non-native operating systems
- Understand binary obfuscation techniques
- Identify and analyze anti-debugging and anti-analysis tricks
Who this book is for
If you are a security engineer or analyst or a system programmer and want to use reverse engineering to improve your software and hardware, this is the book for you. You will also find this book useful if you are a developer who wants to explore and learn reverse engineering. Having some programming/shell scripting knowledge is an added advantage.
The Low-Level Language
- Binary numbers, bases, and the ASCII table
- x86 architecture
- Assembly language instructions
- Tools used to edit and compile an assembly-language source code
- Debugging tools
- Exceptions and error handling
- Windows APIs
- High-level language constructs
Technical requirements
- Binary editors, such as HxD Editor or HIEW (Hacker's View)
- Text editors, such as Notepad++
Binary numbers
Bases
2018
Place value at position 1 is 1 multiplied by 8 represents 8.
Place value at position 2 is 10 multiplied by 1 represents 10.
Place value at position 3 is 100 multiplied by 0 represents 0.
Place value at position 4 is 1000 multiplied by 2 represents 2000.
11010b
Place value at position 1 is 1 multiplied by 0 represents 0.
Place value at position 2 is 2 multiplied by 1 represents 2.
Place value at position 3 is 4 multiplied by 0 represents 0.
Place value at position 4 is 8 multiplied by 1 represents 8.
Place value at position 5 is 16 multiplied by 1 represents 16.
The equivalent decimal value of 11010b is 26.
BEEFh
Place value at position 1 is 1 multiplied by 0Fh (15) represents 15.
Place value at position 2 is 16 multiplied by 0Eh (14) represents 224.
Place value at position 3 is 256 multiplied by 0Eh (14) represents 3584.
Place value at position 4 is 4096 multiplied by 0Bh (11) represents 45056.
The equivalent decimal value of BEEFh is 48879.
Converting between bases
87 to base-2
87 divided by 2 is 43 remainder 1.
43 divided by 2 is 21 remainder 1.
21 divided by 2 is 10 remainder 1.
10 divided by 2 is 5 remainder 0.
5 divided by 2 is 2 remainder 1.
2 divided by 2 is 1 remainder 0.
1 divided by 2 is 0 remainder 1.
There is nothing more to divide since we're down to 0.
Base-2 has digits 0 and 1.
Writing the remainders backward results in 1010111b.
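The place-value expansion and the repeated-division procedure worked through above, as an added Python example that is not code from the book. The function names, and the rule that a trailing b or h selects the base while no suffix means decimal, are assumptions taken from the notation used in the examples.

```python
DIGITS = "0123456789ABCDEF"
SUFFIXES = {"b": 2, "h": 16}  # assumed from the page's notation; no suffix = decimal

def split_literal(text):
    """Return (digit_string, base) for literals such as '2018', '11010b', 'BEEFh'."""
    text = text.strip()
    base = SUFFIXES.get(text[-1:].lower(), 10)
    digits = (text[:-1] if base != 10 else text).upper()
    # Reject empty input and any digit that does not exist in the chosen base.
    if not digits or any(DIGITS.find(d) not in range(base) for d in digits):
        raise ValueError(f"{text!r} is not a valid base-{base} literal")
    return digits, base

def place_values(text):
    """Expand a literal right to left into (position, weight, digit, product) rows."""
    digits, base = split_literal(text)
    rows = []
    for pos, ch in enumerate(reversed(digits), start=1):
        weight = base ** (pos - 1)
        value = DIGITS.index(ch)
        rows.append((pos, weight, value, weight * value))
    return rows, sum(row[3] for row in rows)

def to_base(number, base):
    """Repeated division: record each step, then read the remainders backward."""
    if number < 0 or not 2 <= base <= 16:
        raise ValueError("expects a non-negative number and a base from 2 to 16")
    steps = []
    while True:
        quotient, remainder = divmod(number, base)
        steps.append((number, quotient, remainder))
        number = quotient
        if number == 0:
            break
    return steps, "".join(DIGITS[r] for _, _, r in reversed(steps))

if __name__ == "__main__":
    for literal in ("2018", "11010b", "BEEFh"):
        rows, total = place_values(literal)
        for pos, weight, digit, product in rows:
            print(f"{literal}: position {pos}: {weight} x {digit} = {product}")
        print(f"{literal} = {total} decimal")
    steps, digits = to_base(87, 2)
    for dividend, quotient, remainder in steps:
        print(f"{dividend} / 2 = {quotient} remainder {remainder}")
    print(f"87 = {digits}b")
```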
34512 to base-16
34512 divided by 16 is 2157 remainder 0.
2157 divided by 16 is 134 remainder 13 (0Dh).
134 divided by 16 is 8 remainder 6.
6 divided by 16 is 0 remainder 6.
base-16 has digits from 0 to 9 an...
Table of contents
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Preparing to Reverse
- Identification and Extraction of Hidden Components
- The Low-Level Language
- Static and Dynamic Reversing
- Tools of the Trade
- RE in Linux Platforms
- RE for Windows Platforms
- Sandboxing - Virtualization as a Component for RE
- Binary Obfuscation Techniques
- Packing and Encryption
- Anti-analysis Tricks
- Practical Reverse Engineering of a Windows Executable
- Reversing Various File Types
- Other Books You May Enjoy