Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation, 1st Edition, by Bruce Dang, Alexandre Gazet, Elias Bachaalany
Product details:
ISBN 10: 1118787315
ISBN 13: 9781118787311
Author: Bruce Dang; Alexandre Gazet; Elias Bachaalany
This book provides a systematic approach to reverse engineering. Reverse engineering is not about reading assembly code, but about actually understanding how the different pieces and components in a system work. To reverse engineer a system is to understand how it is constructed and how it works. The book provides:
Coverage of x86, x64, and ARM. In the past, x86 was the most common architecture on the PC; however, times have changed and x64 is becoming the dominant architecture. It brings new complexity and constructs not previously present in x86. ARM (Advanced RISC Machine) is very common in embedded and consumer electronic devices; for example, most if not all cell phones run on ARM. All of Apple's i-devices run on ARM. This book will be the first book to cover all three.
Discussion of Windows kernel-mode code (rootkits/drivers). This topic has a steep learning curve, so most practitioners stay away from this area because it is highly complex. However, this book will provide a concise treatment of this topic and explain how to analyze drivers step by step.
Real-world examples from the public domain. The best way to learn is through a combination of concept discussions, examples, and exercises. This book uses real-world trojans and rootkits as examples congruent with real-life scenarios.
Hands-on exercises. End-of-chapter exercises in the form of conceptual questions and hands-on analysis so readers can solidify their understanding of the concepts and build confidence. The exercises are also meant to teach readers about topics not covered in the book.
Table of contents:
Chapter 1 x86 and x64
Register Set and Data Types
Instruction Set
Syntax
Data Movement
Exercise
Arithmetic Operations
Stack Operations and Function Invocation
Exercises
Control Flow
System Mechanism
Address Translation
Interrupts and Exceptions
Walk-Through
Exercises
x64
Register Set and Data Types
Data Movement
Canonical Address
Function Invocation
Exercises
Chapter 2 ARM
Basic Features
Data Types and Registers
System-Level Controls and Settings
Introduction to the Instruction Set
Loading and Storing Data
LDR and STR
Other Usage for LDR
LDM and STM
PUSH and POP
Functions and Function Invocation
Arithmetic Operations
Branching and Conditional Execution
Thumb State
Switch-Case
Miscellaneous
Just-in-Time and Self-Modifying Code
Synchronization Primitives
System Services and Mechanisms
Instructions
Walk-Through
Next Steps
Exercises
Chapter 3 The Windows Kernel
Windows Fundamentals
Memory Layout
Processor Initialization
System Calls
Interrupt Request Level
Pool Memory
Memory Descriptor Lists
Processes and Threads
Execution Context
Kernel Synchronization Primitives
Lists
Implementation Details
Walk-Through
Exercises
Asynchronous and Ad-Hoc Execution
System Threads
Work Items
Asynchronous Procedure Calls
Deferred Procedure Calls
Timers
Process and Thread Callbacks
Completion Routines
I/O Request Packets
Structure of a Driver
Entry Points
Driver and Device Objects
IRP Handling
A Common Mechanism for User-Kernel Communication
Miscellaneous System Mechanisms
Walk-Throughs
An x86 Rootkit
An x64 Rootkit
Next Steps
Exercises
Building Confidence and Solidifying Your Knowledge
Investigating and Extending Your Knowledge
Analysis of Real-Life Drivers
Chapter 4 Debugging and Automation
The Debugging Tools and Basic Commands
Setting the Symbol Path
Debugger Windows
Evaluating Expressions
Process Control and Debug Events
Registers, Memory, and Symbols
Breakpoints
Inspecting Processes and Modules
Miscellaneous Commands
Scripting with the Debugging Tools
Pseudo-Registers
Aliases
Language
Script Files
Using Scripts Like Functions
Example Debug Scripts
Using the SDK
Concepts
Writing Debugging Tools Extensions
Useful Extensions, Tools, and Resources
Chapter 5 Obfuscation
A Survey of Obfuscation Techniques
The Nature of Obfuscation: A Motivating Example
Data-Based Obfuscations
Control-Based Obfuscation
Simultaneous Control-Flow and Data-Flow Obfuscation
Achieving Security by Obscurity
A Survey of Deobfuscation Techniques
The Nature of Deobfuscation: Transformation Inversion
Deobfuscation Tools
Practical Deobfuscation
Case Study
First Impressions
Analyzing Handlers Semantics
Symbolic Execution
Solving the Challenge
Final Thoughts
Exercises
Appendix Sample Names and Corresponding SHA1 Hashes