Ghidra Software Reverse-Engineering for Beginners

Ghidra Software Reverse-Engineering for Beginners - Second Edition

By : David Álvarez Pérez, Ravikant Tiwari

Overview of this book

Written by David Álvarez Pérez, a senior malware analyst at Gen Digital Inc., and Ravikant Tiwari, a senior security researcher at Microsoft, with expertise in malware and threat detection, this book is a complete guide to using Ghidra for examining malware, making patches, and customizing its features for your cybersecurity needs. This updated edition walks you through implementing Ghidra’s capabilities and automating reverse-engineering tasks with its plugins. You’ll learn how to set up an environment for practical malware analysis, use Ghidra in headless mode, and leverage Ghidra scripting to automate vulnerability detection in executable binaries. Advanced topics such as creating Ghidra plugins, adding new binary formats, analyzing processor modules, and contributing to the Ghidra project are thoroughly covered too. This edition also simplifies complex concepts such as remote and kernel debugging and binary diffing, and their practical uses, especially in malware analysis. From unpacking malware to analyzing modern ransomware, you’ll acquire the skills necessary for handling real-world cybersecurity challenges. By the end of this Ghidra book, you’ll be adept at avoiding potential vulnerabilities in code, extending Ghidra for advanced reverse-engineering, and applying your skills to strengthen your cybersecurity strategies.
Table of Contents (27 chapters)

  • Part 1: Introduction to Ghidra
  • Part 2: Reverse-Engineering
  • Part 3: Binary Analysis
  • Part 4: Extending Ghidra for Advanced Reverse-Engineering
  • Part 5: Debugging and Applied Malware Analysis

Chapter 2

  1. Ghidra scripts are valuable because they can automate reverse-engineering tasks.

    Some tasks that you can automate using Ghidra scripts are the following:

    • Searching for strings and code patterns
    • Automatically deobfuscating code
    • Adding useful comments to enrich the disassembly
  2. Scripts are organized by category, as shown on the left-hand side of the following screenshot:
Figure A.5 – Script Manager

Clicking the checklist icon in the upper-right margin of the Script Manager window, shown in the preceding screenshot, displays the paths of the script directories:

Figure A.6 – Script Directories

However, the category under which a script appears in the Script Manager is taken from the @category field in the header of the script code, as shown in the following listing:

//TODO write a description for this script
//@author
//@category Strings
//@keybinding
//@menupath
//@toolbar...
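
The grouping described above, as an added Python example (not code from the book or from the Ghidra project): it reads the `//@` header fields from script sources and groups file names by `@category`. The script names and contents are constructed samples, and the `(uncategorized)` label and the rule that the header ends at the first non-comment line are assumptions of this example.

```python
import re
from collections import defaultdict

# Header fields from the listing above; values here are constructed samples.
TAGS = ("author", "category", "keybinding", "menupath", "toolbar")
TAG_RE = re.compile(r"^//\s*@(\w+)[ \t]*(.*)$")
UNCATEGORIZED = "(uncategorized)"  # assumption: label chosen for this example

SAMPLE_SCRIPTS = {  # constructed file names and contents
    "ListStrings.java": (
        "//TODO write a description for this script\n//@author\n"
        "//@category Strings\n//@keybinding\n//@menupath\n//@toolbar\n"
        "import ghidra.app.script.GhidraScript;\n"),
    "FindXorLoops.java": (
        "//Comments XOR loops that look like string decoding\n"
        "//@author analyst\n//@category Deobfuscation\n"
        "import ghidra.app.script.GhidraScript;\n"),
    "Untitled.java": (
        "//@author\nimport ghidra.app.script.GhidraScript;\n"
        "//@category Ignored\n"),  # tag after code has started: not header
}

def parse_header(source):
    """Return (description, {tag: value}) from the leading // comment block."""
    description, meta = [], {}
    for line in source.splitlines():
        line = line.strip()
        if not line:
            continue                  # assumption: blank lines are skipped
        if not line.startswith("//"):
            break                     # assumption: first code line ends header
        m = TAG_RE.match(line)
        if m and m.group(1) in TAGS:
            meta[m.group(1)] = m.group(2).strip()
        elif not m:
            description.append(line[2:].strip())
    return " ".join(description), meta

def group_by_category(scripts):
    """Map category -> sorted script names, one bucket per @category value."""
    tree = defaultdict(list)
    for name, source in scripts.items():
        _, meta = parse_header(source)
        tree[meta.get("category") or UNCATEGORIZED].append(name)
    return {cat: sorted(names) for cat, names in sorted(tree.items())}

if __name__ == "__main__":
    for category, names in group_by_category(SAMPLE_SCRIPTS).items():
        print(category, names)
```
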