Book Image

Mastering Reverse Engineering

By : Wong
Book Image

Mastering Reverse Engineering

By: Wong

Overview of this book

If you want to analyze software in order to exploit its weaknesses and strengthen its defenses, then you should explore reverse engineering. Reverse Engineering is a hackerfriendly tool used to expose security flaws and questionable privacy practices.In this book, you will learn how to analyse software even without having access to its source code or design documents. You will start off by learning the low-level language used to communicate with the computer and then move on to covering reverse engineering techniques. Next, you will explore analysis techniques using real-world tools such as IDA Pro and x86dbg. As you progress through the chapters, you will walk through use cases encountered in reverse engineering, such as encryption and compression, used to obfuscate code, and how to to identify and overcome anti-debugging and anti-analysis tricks. Lastly, you will learn how to analyse other types of files that contain code. By the end of this book, you will have the confidence to perform reverse engineering.
Table of Contents (15 chapters)

What this book covers

Chapter 1, Preparing to Reverse, shows how to obtain the samples used throughout the book and explains the journey we are about to embark on.

Chapter 2, Identification and Extraction of Hidden Components, covers basics of the operating system and malware installation behavior. We will learn where malware usually drops files and makes registry entries.

Chapter 3, The Low-Level Language, briefly covers the Assembly language and why we must understand it in order to reverse engineer.

Chapter 4, Static and Dynamic Reversing, explains how static and dynamic analysis are implemented. We will also have a brief discussion regarding reversing of a file using a few tools.

Chapter 5, Tools of the Trade, compares and contrasts tools of the trade and explains their weaknesses and when a tool won't work as intended, allowing you to change your tools and know where to turn to get the job done without blaming a tool for lacking a capability.

Chapter 6, RE in Linux Platformsexplains how to perform a static and dynamic Windows analysis in a Linux environment.

Chapter 7, RE for Windows Platforms, explains how to perform static and dynamic Windows analysis directly in a Windows environment.

Chapter 8, Sandboxing: Virtualization as a Component for RE, shows how to use emulation to inform reverse engineering and overcome obstacles when running on hardware other than the target binary supports.

Chapter 9, Binary Obfuscation Techniquesexplains how to reverse engineer simple obfuscation techniques.

Chapter 10, Packing and Encryption, covers using debuggers to pause execution and dump the contents of memory for analysis using our disassembly tools.

Chapter 11, Anti-analysis tricks, shows how to identify and handle anti-reversing and anti-debugging tricks.

Chapter 12, Practical Reverse Engineering of a Windows Executable, covers practical use of the tools we are familiar with at this point.

Chapter 13, Reversing Various File Types, covers analyzing various file types using up-to-date tools.