As we explained in the previous chapter, the file command is useful for providing quick information about a file on disk and is just one tool we can use in the initial phases of our analysis methodology. When combined with grep or other Linux commands, file becomes a powerful tool with more than a few use cases. For example, we need to use it for discovery to sort through potentially suspicious binaries on our hosts and for information gathering to make sure we understand the format of an executable binary. We can even use the output from file to determine whether or not the file we're examining is using a different format altogether. For example, picture a capture the flag scenario where you're given a file called mystery.zip. Running the file command against this file shows us that the naming convention of the file is meant to try and throw us off by using...
Binary Analysis Cookbook
By :
Binary Analysis Cookbook
By:
Overview of this book
Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security.
This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts.
By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.
Related Content you might be interested in
Current Title:
Binary Analysis Cookbook
Table of Contents (12 chapters)
Preface
Free Chapter
Setting Up the Lab
32-bit Assembly on Linux and the ELF Specification
64-bit Assembly on Linux and the ELF Specification
Creating a Binary Analysis Methodology
Linux Tools for Binary Analysis
Analyzing a Simple Bind Shell
Analyzing a Simple Reverse Shell
Identifying Vulnerabilities
Understanding Anti-Analysis Techniques
A Simple Reverse Shell With Polymorphism
Another Book You May Enjoy
Customer Reviews