Mastering Reverse Engineering

By: Reginald Wong

Overview of this book

If you want to analyze software in order to exploit its weaknesses and strengthen its defenses, then you should explore reverse engineering. Reverse engineering is a hacker-friendly tool used to expose security flaws and questionable privacy practices. In this book, you will learn how to analyse software even without having access to its source code or design documents. You will start off by learning the low-level language used to communicate with the computer and then move on to covering reverse engineering techniques. Next, you will explore analysis techniques using real-world tools such as IDA Pro and x64dbg. As you progress through the chapters, you will walk through use cases encountered in reverse engineering, such as encryption and compression used to obfuscate code, and how to identify and overcome anti-debugging and anti-analysis tricks. Lastly, you will learn how to analyse other types of files that contain code. By the end of this book, you will have the confidence to perform reverse engineering.

Debuggers


Using debugging tools means that we are in the code-tracing phase of our analysis. Debuggers are used to step through every instruction the program executes. In the process of debugging, the program's actual interactions with, and changes to, memory, disk, network, and devices can be identified:

  • x64dbg: This is a Windows user-mode debugger. It is open source and can debug 32- and 64-bit programs. It is capable of accepting plugins written by users. The source code can be downloaded from https://github.com/x64dbg. The builds can be downloaded from https://x64dbg.com.
  • IDA Pro: Paid versions of IDA Pro are capable of debugging using the same disassembly interface. It is very useful when you want to see a graphical view of decrypted code.
  • OllyDbg: A Windows debugger that is popular due to its portability and rich features. It can accommodate plugins written by its users, adding capabilities such as unpacking a loaded executable compressed file (by reaching the original entry point) and memory...