Start reading Practical Reverse Engineering on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here or start reading now with a free Kindle Reading App.

Deliver to your Kindle or other device


Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation [Kindle Edition]

Bruce Dang , Alexandre Gazet , Elias Bachaalany , S?bastien Josse
5.0 out of 5 stars  See all reviews (1 customer review)

Print List Price: £33.99
Kindle Price: £21.01 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £12.98 (38%)
* Unlike print books, digital books are subject to VAT.


Amazon Price New from Used from
Kindle Edition £21.01  
Paperback £23.11  
Kindle Daily Deal
Kindle Daily Deal: At least 60% off
Each day we unveil a new book deal at a specially discounted price--for that day only. Learn more about the Kindle Daily Deal or sign up for the Kindle Daily Deal Newsletter to receive free e-mail notifications about each day's deal.

Special Offers and Product Promotions

  • Purchase any Kindle Book sold by and receive £1 credit to try out our Digital Music Store. Here's how (terms and conditions apply)

Product Description

Product Description

Analyzing how hacks are done, so as to stop them in the future

Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results. Now the good guys can use the same tools to thwart these threats. Practical Reverse Engineering goes under the hood of reverse engineering for security analysts, security engineers, and system programmers, so they can learn how to use these same processes to stop hackers in their tracks.

The book covers x86, x64, and ARM (the first book to cover all three); Windows kernel-mode code rootkits and drivers; virtual machine protection techniques; and much more. Best of all, it offers a systematic approach to the material, with plenty of hands-on exercises and real-world examples.

  • Offers a systematic approach to understanding reverse engineering, with hands-on exercises and real-world examples
  • Covers x86, x64, and advanced RISC machine (ARM) architectures as well as deobfuscation and virtual machine protection techniques
  • Provides special coverage of Windows kernel-mode code (rootkits/drivers), a topic not often covered elsewhere, and explains how to analyze drivers step by step
  • Demystifies topics that have a steep learning curve
  • Includes a bonus chapter on reverse engineering tools

Practical Reverse Engineering: Using x86, x64, ARM, Windows Kernel, and Reversing Tools provides crucial, up-to-date guidance for a broad range of IT professionals.

From the Back Cover

LEARN THE SCIENCE AND CRAFT OF REVERSE ENGINEERING TO FIGHT HACKERS AND ROOTKITS Criminals increasingly are using malicious software (exploits, viruses, rootkits, etc.) for fraud, denial–of–service, intrusions, and espionage operations. Reverse engineering is the only method to thoroughly dissect and understand such software. So it is no surprise that reverse engineering is one of the most important subjects in information security. Unfortunately, it is often perceived as a mysterious and complex black art. Although reverse engineering is a difficult subject, the authors believe there is a scientific approach to it. Practical Reverse Engineering aims to demystify the art and systematize the reverse–engineering process for students and professionals. Discover a unique, systematic approach to reverse engineering that incorporates hands–on analysis with real–world malware Find detailed coverage of the three most popular processor architectures: x86, x64, and ARM Use this concise, structured treatment of the Windows kernel and kernel–mode drivers, featuring walk–throughs and exercises with real–world rootkits Learn sophisticated code–obfuscation techniques, such as those used in virtual machine protections, and how to deobfuscate them using program–analysis techniques Discover advanced debugging techniques to automate and streamline the reverse–engineering process Apply newly learned concepts with complete walk–throughs and exercises using real–world malware

Product details

  • Format: Kindle Edition
  • File Size: 3800 KB
  • Print Length: 384 pages
  • Publisher: Wiley; 1 edition (3 Feb 2014)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B00IA22R2Y
  • Text-to-Speech: Enabled
  • X-Ray:
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: #77,900 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?

More About the Authors

Discover books, learn about writers, and more.

Customer Reviews

4 star
3 star
2 star
1 star
5.0 out of 5 stars
5.0 out of 5 stars
Most Helpful Customer Reviews
Format:Paperback|Verified Purchase
Really nice up to date coverage of the Windows kernel, including Windows 8 on x64. Great coverage of Windbg and code obfuscation too.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on (beta) 5.0 out of 5 stars  8 reviews
16 of 17 people found the following review helpful
5.0 out of 5 stars Very good. Dense, but readadable. 23 Feb 2014
By scribble - Published on
Format:Paperback|Verified Purchase
This book does a good job of teaching. It's not just another reference book. A lot of technical books just blast facts at you, and sure you might learn a lot but you don't know how the author learned those things himself. This book takes more of a teaching approach: You learn how the authors learned things.

This book is fairly small for a technical book at only 340 pages, but it is very dense. Every sentence is important.

You need to have used IDA and windbg before you start reading this book.

Very helpful to translate your knowledge from x86 to ARM and explaining how Windows kernel code works. I really like it's line "If the process of reverse engineering Windows drivers could be modeled as a discrete task, 90% would be understanding how Windows works and 10% would be understanding assembly code."
3 of 3 people found the following review helpful
5.0 out of 5 stars Excellent book for those who want to upgrade their skills in reverse engineering. 15 April 2014
By Mark Lim - Published on
Format:Kindle Edition
Though I have been doing reverse engineering for a while, I did learn quite a few things from the book. This book is great for those who hope to have a deeper knowledge of Windows Kernel structures. I have been uploading my answers to the exercises in the book to this blog I welcome comments.
2 of 2 people found the following review helpful
5.0 out of 5 stars The part on VM RE is the most useful 18 May 2014
By Maxzis - Published on
Probably the best book on the subject next to The IDA Pro Book 2nd Edition and The ShellCoders Handbook. Most of the stuff is easy to learn, but when you get around to obfuscation, especially byte code VMs, and drivers, it gets complex. Also identifying encryption and compression used. There is also deep complexity around dealing with large data structures. None of this complexity goes away either as you gain experience, it just sometimes goes by faster..

When you're dealing with embedded devices most of the battle is with embedded encryption interfaces and dumping..

My final thoughts: This just gets you started in RE. I really wish there was an exploit development book written like this..
2 of 3 people found the following review helpful
5.0 out of 5 stars Very technical, detailed, well-written -- in short, the best. 28 Mar 2014
By Warren J. Wasson - Published on
Format:Kindle Edition|Verified Purchase
Fantastic book on the subject, the best one I've ever seen. It includes in-depth explanations and a lot of exercise which you wouldn't see except in an expensive technical courses and in precious few of those. The book is well-written and highly readable, especially if you have a detailed technical bent. Highly recommended. Many thanks to the authors.
5.0 out of 5 stars Like its title 7 July 2014
By Fricsay, Lin - Published on
Format:Paperback|Verified Purchase
Like its title, this book is very 'pratical'.

I do kernel and windbg very often (my daily work) so I started from these two chapters. It's very interesting to understand the kernel and windbg through this way. If you're not familiar with kernel and windbg, I suggest you read Windows Internals along with this book. Windows Internals tell you how the kernel works but without showing the code. With this book, you can actually use windbg to know how it works (dump or live debugging). This is very important for engineers because we need something to play with.

There are a lot of exercises in this book. I suggest the readers should do the exercises. The authors are very responsive and we can also find the answers/discussion on the internet. The authors also answer the questions on reddit. If you have hard time working on the exercises you can always send the mail to the authors.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category