Book Image

Binary Analysis Cookbook

By : Michael Born
Book Image

Binary Analysis Cookbook

By: Michael Born

Overview of this book

Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security. This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts. By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.
Table of Contents (12 chapters)

32-bit Assembly on Linux and the ELF Specification

A conversation with a colleague of mine, and his dislike for learning assembly, helped me to realize that my tastes are a bit weird, and frankly, I'm more than OK with that. As a matter of fact, I have a huge passion for assembly after taking some training myself a number of years ago. I really appreciated how digestible the instructor of that training process made the material because it took away my initial fear and anxiety about learning what seemed like, at the time, a terribly complicated programming language. It's my hope that, after reading through this chapter, you too get an appreciation for the value of knowing assembly, not only for its use in binary analysis, but in information security in general. Since learning about 32-bit and 64-bit assembly on Linux, I've found a new appreciation for those binary...