Analyzing how hacks are done, so as to stop them in the future
Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results. Now the good guys can use the same tools to thwart these threats. Practical Reverse Engineering goes under the hood of reverse engineering for security analysts, security engineers, and system programmers, so they can learn how to use these same processes to stop hackers in their tracks.
The book covers x86, x64, and ARM (the first book to cover all three); Windows kernel-mode code rootkits and drivers; virtual machine protection techniques; and much more. Best of all, it offers a systematic approach to the material, with plenty of hands-on exercises and real-world examples.
- Offers a systematic approach to understanding reverse engineering, with hands-on exercises and real-world examples
- Covers x86, x64, and advanced RISC machine (ARM) architectures as well as deobfuscation and virtual machine protection techniques
- Provides special coverage of Windows kernel-mode code (rootkits/drivers), a topic not often covered elsewhere, and explains how to analyze drivers step by step
- Demystifies topics that have a steep learning curve
- Includes a bonus chapter on reverse engineering tools
Practical Reverse Engineering: Using x86, x64, ARM, Windows Kernel, and Reversing Tools provides crucial, up-to-date guidance for a broad range of IT professionals.
From the Back Cover
LEARN THE SCIENCE AND CRAFT OF REVERSE ENGINEERING TO FIGHT HACKERS AND ROOTKITS Criminals increasingly are using malicious software (exploits, viruses, rootkits, etc.) for fraud, denial–of–service, intrusions, and espionage operations. Reverse engineering is the only method to thoroughly dissect and understand such software. So it is no surprise that reverse engineering is one of the most important subjects in information security. Unfortunately, it is often perceived as a mysterious and complex black art. Although reverse engineering is a difficult subject, the authors believe there is a scientific approach to it. Practical Reverse Engineering aims to demystify the art and systematize the reverse–engineering process for students and professionals. Discover a unique, systematic approach to reverse engineering that incorporates hands–on analysis with real–world malware Find detailed coverage of the three most popular processor architectures: x86, x64, and ARM Use this concise, structured treatment of the Windows kernel and kernel–mode drivers, featuring walk–throughs and exercises with real–world rootkits Learn sophisticated code–obfuscation techniques, such as those used in virtual machine protections, and how to deobfuscate them using program–analysis techniques Discover advanced debugging techniques to automate and streamline the reverse–engineering process Apply newly learned concepts with complete walk–throughs and exercises using real–world malware