MARC details
| 000 -LEADER |
| fixed length control field |
08156nam a2200469 i 4500 |
| 003 - CONTROL NUMBER IDENTIFIER |
| control field |
OSt |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
| control field |
20240809170516.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
| fixed length control field |
230120s2018 xx a | ||1|0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
| International Standard Book Number |
9781788838849 (paperback) |
| 035 ## - SYSTEM CONTROL NUMBER |
| System control number |
(MiAaPQ)EBC5573418 |
| 035 ## - SYSTEM CONTROL NUMBER |
| System control number |
(Au-PeEL)EBL5573418 |
| 035 ## - SYSTEM CONTROL NUMBER |
| System control number |
(CaPaEBR)ebr11630313 |
| 035 ## - SYSTEM CONTROL NUMBER |
| System control number |
(OCoLC)1064731152 |
| 040 ## - CATALOGING SOURCE |
| Original cataloging agency |
MiAaPQ |
| Language of cataloging |
eng |
| Description conventions |
rda |
| -- |
pn |
| Transcribing agency |
MiAaPQ |
| Modifying agency |
MiAaPQ |
| -- |
TUPM |
| 050 #0 - LIBRARY OF CONGRESS CALL NUMBER |
| Classification number |
TA 168.5 |
| Item number |
W66 2018 |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
| Personal name |
Wong, Reginald. |
| Relator term |
author. |
| 245 00 - TITLE STATEMENT |
| Title |
Mastering reverse engineering : |
| Remainder of title |
re-engineer your ethical hacking skills / |
| Statement of responsibility, etc. |
Reginald Wong. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE |
| Place of production, publication, distribution, manufacture |
Birmingham : |
| Name of producer, publisher, distributor, manufacturer |
Packt Publishing, Limited, |
| Date of production, publication, distribution, manufacture, or copyright notice |
2018. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE |
| Date of production, publication, distribution, manufacture, or copyright notice |
©2018. |
| 300 ## - PHYSICAL DESCRIPTION |
| Extent |
vi, 422 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
23 cm. |
| 336 ## - CONTENT TYPE |
| Content type term |
text |
| Source |
rdacontent. |
| 337 ## - MEDIA TYPE |
| Media type term |
unmediated |
| Source |
rdamedia. |
| 338 ## - CARRIER TYPE |
| Carrier type term |
volume |
| Source |
rdacarrier. |
| 505 0# - FORMATTED CONTENTS NOTE |
| Formatted contents note |
Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Preparing to Reverse -- Reverse engineering -- Technical requirements -- Reverse engineering as a process -- Seeking approval -- Static analysis -- Dynamic analysis -- Low-level analysis -- Reporting -- Tools -- Binary analysis tools -- Disassemblers -- Debuggers -- Monitoring tools -- Decompilers -- Malware handling -- Basic analysis lab setup -- Our setup -- Samples -- Summary -- Chapter 2: Identification and Extraction of Hidden Components -- Technical requirements -- The operating system environment -- The filesystem -- Memory -- The registry system -- Typical malware behavior -- Persistence -- Run keys -- Load and Run values -- Startup values -- The Image File Execution Options key -- Malware delivery -- Email -- Instant messenger -- The computer network -- Media storage -- Exploits and compromised websites -- Software piracy -- Malware file properties -- Payload - the evil within -- Tools -- Autoruns -- The Process explorer -- Summary -- Further reading -- Chapter 3: The Low-Level Language -- Technical requirements -- Binary numbers -- Bases -- Converting between bases -- Binary arithmetic -- Signed numbers -- x86 -- Registers -- Memory addressing -- Endianness -- Basic instructions -- Opcode bytes -- Copying data -- MOV and LEA -- Arithmetic operations -- Addition and subtraction -- Increment and decrement instructions -- Multiplication and division instructions -- Other signed operations -- Bitwise algebra -- Control flow -- Stack manipulation -- Tools - builder and debugger -- Popular assemblers -- MASM -- NASM -- FASM -- x86 Debuggers -- WinDbg -- Ollydebug -- x64dbg -- Hello World -- Installation of FASM -- It works! -- Dealing with common errors when building -- Dissecting the program -- After Hello. |
| 505 0# - FORMATTED CONTENTS NOTE |
| Formatted contents note |
Calling APIs -- Common Windows API libraries -- Short list of common API functions -- Debugging -- Summary -- Further reading -- Chapter 4: Static and Dynamic Reversing -- Assessment and static analysis -- Static analysis -- File types and header analysis -- Extracting useful information from file -- PEid and TrID -- python-magic -- file -- MASTIFF -- Other information -- PE executables -- Deadlisting -- IDA (Interactive Disassembler) -- Decompilers -- ILSpy - C# Decompiler -- Dynamic analysis -- Memory regions and the mapping of a process -- Process and thread monitoring -- Network traffic -- Monitoring system changes -- Post-execution differences -- Debugging -- Try it yourself -- Summary -- References -- Chapter 5: Tools of the Trade -- Analysis environments -- Virtual machines -- Windows -- Linux -- Information gathering tools -- File type information -- Hash identifying -- Strings -- Monitoring tools -- Default command-line tools -- Disassemblers -- Debuggers -- Decompilers -- Network tools -- Editing tools -- Attack tools -- Automation tools -- Software forensic tools -- Automated dynamic analysis -- Online service sites -- Summary -- Chapter 6: RE in Linux Platforms -- Setup -- Linux executable - hello world -- dlroW olleH -- What have we gathered so far? -- Dynamic analysis -- Going further with debugging -- A better debugger -- Setup -- Hello World in Radare2 -- What is the password? -- Network traffic analysis -- Summary -- Further reading -- Chapter 7: RE for Windows Platforms -- Technical requirements -- Hello World -- Learning about the APIs -- Keylogger -- regenum -- processlist -- Encrypting and decrypting a file -- The server -- What is the password? -- Static analysis -- A quick run -- Deadlisting -- Dynamic analysis with debugging -- Decompilers -- Summary -- Further reading. |
| 505 0# - FORMATTED CONTENTS NOTE |
| Formatted contents note |
Chapter 8: Sandboxing - Virtualization as a Component for RE -- Emulation -- Emulation of Windows and Linux under an x86 host -- Emulators -- Analysis in unfamiliar environments -- Linux ARM guest in QEMU -- MBR debugging with Bochs -- Summary -- Further Reading -- Chapter 9: Binary Obfuscation Techniques -- Data assembly on the stack -- Code assembly -- Encrypted data identification -- Loop codes -- Simple arithmetic -- Simple XOR decryption -- Assembly of data in other memory regions -- Decrypting with x86dbg -- Other obfuscation techniques -- Control flow flattening obfuscation -- Garbage code insertion -- Code obfuscation with a metamorphic engine -- Dynamic library loading -- Use of PEB information -- Summary -- Chapter 10: Packing and Encryption -- A quick review on how native executables are loaded by the OS -- Packers, crypters, obfuscators, protectors and SFX -- Packers or compressors -- Crypters -- Obfuscators -- Protectors -- SFX Self-extracting archives -- Unpacking -- The UPX tool -- Debugging though the packer -- Dumping processes from memory -- Memory dumping with VirtualBox -- Extracting the process to a file using Volatility -- How about an executable in its unpacked state? -- Other file-types -- Summary -- Chapter 11: Anti-analysis Tricks -- Anti-debugging tricks -- IsDebuggerPresent -- Debug flags in the PEB -- Debugger information from NtQueryInformationProcess -- Timing tricks -- Passing code execution via SEH -- Causing exceptions -- A typical SEH setup -- Anti-VM tricks -- VM running process names -- Existence of VM files and directories -- Default MAC address -- Registry entries made by VMs -- VM devices -- CPUID results -- Anti-emulation tricks -- Anti-dumping tricks -- Summary -- Chapter 12: Practical Reverse Engineering of a Windows Executable -- Things to prepare -- Initial static analysis -- Initial file information. |
| 505 0# - FORMATTED CONTENTS NOTE |
| Formatted contents note |
Deadlisting -- Debugging -- The unknown image -- Analysis summary -- Summary -- Further Reading -- Chapter 13: Reversing Various File Types -- Analysis of HTML scripts -- MS Office macro analysis -- PDF file analysis -- SWF file analysis -- SWFTools -- FLASM -- Flare -- XXXSWF -- JPEXS SWF decompiler -- Summary -- Further reading -- Other Books You May Enjoy -- Index. |
| 520 ## - SUMMARY, ETC. |
| Summary, etc. |
Reverse engineering is a tool used for analyzing software, to exploit its weaknesses and strengthen its defenses. Hackers use reverse engineering as a tool to expose security flaws and questionable privacy practices. This book helps you to master the art of using reverse engineering. |
| 538 ## - SYSTEM DETAILS NOTE |
| System details note |
Available electronically via the Internet. |
| 588 ## - SOURCE OF DESCRIPTION NOTE |
| Source of description note |
Description based on publisher supplied metadata and other sources. |
| 590 ## - CITATION |
| Citation |
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2020. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Reverse engineering. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Software engineering. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Hacking. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Computer networks |
| General subdivision |
Security measures. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Computer security. |
| 650 10 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name entry element |
Computer software |
| General subdivision |
Testing. |
| 776 08 - ADDITIONAL PHYSICAL FORM ENTRY |
| Relationship information |
Print version: |
| Main entry heading |
Wong, Reginald |
| Title |
Mastering Reverse Engineering : Re-Engineer Your Ethical Hacking Skills |
| Place, publisher, and date of publication |
Birmingham : Packt Publishing, Limited, c2018 |
| International Standard Book Number |
9781788838849. |
| 856 40 - ELECTRONIC LOCATION AND ACCESS |
| Uniform Resource Identifier |
https://ebookcentral.proquest.com/lib/vu/detail.action?docID=5573418 |
| Public note |
Full-text via Proquest EBook Central |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
| Source of classification or shelving scheme |
Library of Congress Classification |
| Koha item type |
Book |
| Classification part |
TA 168.5 |
| Item part |
W66 2018 |