Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Reverse Engineering
  • Table Of Contents Toc
Mastering Reverse Engineering

Mastering Reverse Engineering

By : Wong
3 (5)
Buy this Book
close
close
Mastering Reverse Engineering

Mastering Reverse Engineering

3 (5)
By: Wong
Buy this Book

Overview of this book

If you want to analyze software in order to exploit its weaknesses and strengthen its defenses, then you should explore reverse engineering. Reverse Engineering is a hackerfriendly tool used to expose security flaws and questionable privacy practices.In this book, you will learn how to analyse software even without having access to its source code or design documents. You will start off by learning the low-level language used to communicate with the computer and then move on to covering reverse engineering techniques. Next, you will explore analysis techniques using real-world tools such as IDA Pro and x86dbg. As you progress through the chapters, you will walk through use cases encountered in reverse engineering, such as encryption and compression, used to obfuscate code, and how to to identify and overcome anti-debugging and anti-analysis tricks. Lastly, you will learn how to analyse other types of files that contain code. By the end of this book, you will have the confidence to perform reverse engineering.
Table of Contents (15 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Preparing to Reverse
Icon
Preparing to Reverse
Icon
Reverse engineering
Icon
Technical requirements
Icon
Reverse engineering as a process
Icon
Tools
Icon
Malware handling
Icon
Basic analysis lab setup
Icon
Samples
Icon
Summary
2
Identification and Extraction of Hidden Components
chevron up
Icon
Identification and Extraction of Hidden Components
Icon
Technical requirements
Icon
The operating system environment
Icon
Typical malware behavior
Icon
Tools
Icon
Summary
Icon
Further reading
3
The Low-Level Language
Icon
The Low-Level Language
Icon
Technical requirements
Icon
Binary numbers
Icon
x86
Icon
Basic instructions
Icon
Tools – builder and debugger
Icon
Hello World
Icon
After Hello
Icon
Summary
Icon
Further reading
4
Static and Dynamic Reversing
Icon
Static and Dynamic Reversing
Icon
Assessment and static analysis
Icon
Dynamic analysis
Icon
Try it yourself
Icon
Summary
Icon
References
5
Tools of the Trade
Icon
Tools of the Trade
Icon
Analysis environments
Icon
Information gathering tools
Icon
Disassemblers
Icon
Debuggers
Icon
Decompilers
Icon
Network tools
Icon
Editing tools
Icon
Attack tools
Icon
Automation tools
Icon
Software forensic tools
Icon
Automated dynamic analysis
Icon
Online service sites
Icon
Summary
6
RE in Linux Platforms
Icon
RE in Linux Platforms
Icon
Setup
Icon
Linux executable – hello world
Icon
Network traffic analysis
Icon
Summary
Icon
Further reading
7
RE for Windows Platforms
Icon
RE for Windows Platforms
Icon
Technical requirements
Icon
Hello World
Icon
What is the password?
Icon
Summary
Icon
Further reading
8
Sandboxing - Virtualization as a Component for RE
Icon
Sandboxing - Virtualization as a Component for RE
Icon
Emulation
Icon
Analysis in unfamiliar environments
Icon
Summary
Icon
Further Reading
9
Binary Obfuscation Techniques
Icon
Binary Obfuscation Techniques
Icon
Data assembly on the stack
Icon
Encrypted data identification
Icon
Assembly of data in other memory regions
Icon
Decrypting with x86dbg
Icon
Other obfuscation techniques
Icon
Summary
10
Packing and Encryption
Icon
Packing and Encryption
Icon
A quick review on how native executables are loaded by the OS
Icon
Packers, crypters, obfuscators, protectors and SFX
Icon
Unpacking
Icon
Dumping processes from memory
Icon
How about an executable in its unpacked state?
Icon
Other file-types
Icon
Summary
11
Anti-analysis Tricks
Icon
Anti-analysis Tricks
Icon
Anti-debugging tricks
Icon
Anti-VM tricks
Icon
Anti-emulation tricks
Icon
Anti-dumping tricks
Icon
Summary
12
Practical Reverse Engineering of a Windows Executable
Icon
Practical Reverse Engineering of a Windows Executable
Icon
Things to prepare
Icon
Initial static analysis
Icon
Debugging
Icon
Summary
Icon
Further Reading
13
Reversing Various File Types
Icon
Reversing Various File Types
Icon
Analysis of HTML scripts
Icon
MS Office macro analysis
Icon
PDF file analysis
Icon
SWF file analysis
Icon
Summary
Icon
Further reading
14
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Tools

Identifying the registry entry, files dropped, and running processes that are related to the malware requires tools. There are existing tools that we can use to extract these objects. There are two analysis events we should consider: analysis after the malware has been executed and analysis before the malware executes. Since our aim for this chapter is to extract components, we will discuss the tools that can help us find suspected files. Analysis tools that are used after we have extracted our suspected malware will be discussed in further chapters.

When a system has already been compromised, the analyst would need to use tools that can identify suspected files. Each suspected file will be analysed further. To start off, we can identify it based on persistence.

  1. List down all processes and their respective file information
  2. From the list of known registry persistence paths...
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mastering Reverse Engineering
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon