类似推荐
内容简介
As malware increasingly obfuscates itself and applies anti-analysis techniques to thwart our analysis, we need more sophisticated methods that allow us to raise that dark curtain designed to keep us out—binary analysis can help. The goal of all binary analysis is to determine (and possibly modify) the true properties of binary programs to understand what they really do, rather than what we think they should do. While reverse engineering and disassembly are critical first steps in many forms of binary analysis, there is much more to be learned.
This hands-on guide teaches you how to tackle the fascinating but challenging topics of binary analysis and instrumentation and helps you become proficient in an area typically only mastered by a small group of expert hackers. It will take you from basic concepts to state-of-the-art methods as you dig into topics like code injection, disassembly, dynamic taint analysis, and binary instrumentation. Written for security engineers, hackers, and those with a basic working knowledge of C/C++ and x86-64, Practical Binary Analysis will teach you in-depth how binary programs work and help you acquire the tools and techniques needed to gain more control and insight into binary programs.
Once you’ve completed an introduction to basic binary formats, you’ll learn how to analyze binaries using techniques like the GNU/Linux binary analysis toolchain, disassembly, and code injection. You’ll then go on to implement profiling tools with Pin and learn how to build your own dynamic taint analysis tools with libdft and symbolic execution tools using Triton. You’ll learn how to:
Parse ELF and PE binaries and build a binary loader with libbfd
Use data-flow analysis techniques like program tracing, slicing, and reaching definitions analysis to reason about runtime flow of your programs
Modify ELF binaries with techniques like parasitic code injection and hex editing
Build custom disassembly tools with Capstone
Use binary instrumentation to circumvent anti-analysis tricks commonly used by malware
Apply taint analysis to detect control hijacking and data leak attacks
Use symbolic execution to build automatic exploitation tools
With exercises at the end of each chapter to help solidify your skills, you’ll go from understanding basic assembly to performing some of the most sophisticated binary analysis and instrumentation. Practical Binary Analysis gives you what you need to work effectively with binary programs and transform your knowledge from basic understanding to expert-level proficiency.
作者简介
Dennis Andriesse has a Ph.D. in system and network security and uses binary analysis daily in his research. He is one of the main contributors to PathArmor, a Control-Flow Integrity system that defends against control-flow hijacking attacks such as ROP. Andriesse was also one of the attack developers involved in the takedown of the GameOver Zeus P2P botnet.
Practical Binary Analysis是2018年由NoStarchPress出版,作者DennisAndriesse。
得书感谢您对《Practical Binary Analysis》关注和支持,如本书内容有不良信息或侵权等情形的,请联系本网站。
