
Mastering reverse engineering : re-engineer your ethical hacking skills / Reginald Wong.

Material type: Text
Publisher: Birmingham : Packt Publishing, Limited, 2018
Publisher: ©2018
Description: vi, 422 pages : illustrations ; 23 cm
Content type:
  • text
Media type:
  • unmediated
Carrier type:
  • volume
ISBN:
  • 9781788838849 (paperback)
Additional physical formats: Print version: Mastering Reverse Engineering : Re-Engineer Your Ethical Hacking Skills
LOC classification:
  • TA 168.5 W66 2018
Contents:
Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Preparing to Reverse -- Reverse engineering -- Technical requirements -- Reverse engineering as a process -- Seeking approval -- Static analysis -- Dynamic analysis -- Low-level analysis -- Reporting -- Tools -- Binary analysis tools -- Disassemblers -- Debuggers -- Monitoring tools -- Decompilers -- Malware handling -- Basic analysis lab setup -- Our setup -- Samples -- Summary -- Chapter 2: Identification and Extraction of Hidden Components -- Technical requirements -- The operating system environment -- The filesystem -- Memory -- The registry system -- Typical malware behavior -- Persistence -- Run keys -- Load and Run values -- Startup values -- The Image File Execution Options key -- Malware delivery -- Email -- Instant messenger -- The computer network -- Media storage -- Exploits and compromised websites -- Software piracy -- Malware file properties -- Payload - the evil within -- Tools -- Autoruns -- The Process explorer -- Summary -- Further reading -- Chapter 3: The Low-Level Language -- Technical requirements -- Binary numbers -- Bases -- Converting between bases -- Binary arithmetic -- Signed numbers -- x86 -- Registers -- Memory addressing -- Endianness -- Basic instructions -- Opcode bytes -- Copying data -- MOV and LEA -- Arithmetic operations -- Addition and subtraction -- Increment and decrement instructions -- Multiplication and division instructions -- Other signed operations -- Bitwise algebra -- Control flow -- Stack manipulation -- Tools - builder and debugger -- Popular assemblers -- MASM -- NASM -- FASM -- x86 Debuggers -- WinDbg -- Ollydebug -- x64dbg -- Hello World -- Installation of FASM -- It works! -- Dealing with common errors when building -- Dissecting the program -- After Hello.
Calling APIs -- Common Windows API libraries -- Short list of common API functions -- Debugging -- Summary -- Further reading -- Chapter 4: Static and Dynamic Reversing -- Assessment and static analysis -- Static analysis -- File types and header analysis -- Extracting useful information from file -- PEid and TrID -- python-magic -- file -- MASTIFF -- Other information -- PE executables -- Deadlisting -- IDA (Interactive Disassembler) -- Decompilers -- ILSpy - C# Decompiler -- Dynamic analysis -- Memory regions and the mapping of a process -- Process and thread monitoring -- Network traffic -- Monitoring system changes -- Post-execution differences -- Debugging -- Try it yourself -- Summary -- References -- Chapter 5: Tools of the Trade -- Analysis environments -- Virtual machines -- Windows -- Linux -- Information gathering tools -- File type information -- Hash identifying -- Strings -- Monitoring tools -- Default command-line tools -- Disassemblers -- Debuggers -- Decompilers -- Network tools -- Editing tools -- Attack tools -- Automation tools -- Software forensic tools -- Automated dynamic analysis -- Online service sites -- Summary -- Chapter 6: RE in Linux Platforms -- Setup -- Linux executable - hello world -- dlroW olleH -- What have we gathered so far? -- Dynamic analysis -- Going further with debugging -- A better debugger -- Setup -- Hello World in Radare2 -- What is the password? -- Network traffic analysis -- Summary -- Further reading -- Chapter 7: RE for Windows Platforms -- Technical requirements -- Hello World -- Learning about the APIs -- Keylogger -- regenum -- processlist -- Encrypting and decrypting a file -- The server -- What is the password? -- Static analysis -- A quick run -- Deadlisting -- Dynamic analysis with debugging -- Decompilers -- Summary -- Further reading.
Chapter 8: Sandboxing - Virtualization as a Component for RE -- Emulation -- Emulation of Windows and Linux under an x86 host -- Emulators -- Analysis in unfamiliar environments -- Linux ARM guest in QEMU -- MBR debugging with Bochs -- Summary -- Further Reading -- Chapter 9: Binary Obfuscation Techniques -- Data assembly on the stack -- Code assembly -- Encrypted data identification -- Loop codes -- Simple arithmetic -- Simple XOR decryption -- Assembly of data in other memory regions -- Decrypting with x86dbg -- Other obfuscation techniques -- Control flow flattening obfuscation -- Garbage code insertion -- Code obfuscation with a metamorphic engine -- Dynamic library loading -- Use of PEB information -- Summary -- Chapter 10: Packing and Encryption -- A quick review on how native executables are loaded by the OS -- Packers, crypters, obfuscators, protectors and SFX -- Packers or compressors -- Crypters -- Obfuscators -- Protectors -- SFX  Self-extracting archives -- Unpacking -- The UPX tool -- Debugging though the packer -- Dumping processes from memory -- Memory dumping with VirtualBox -- Extracting the process to a file using Volatility -- How about an executable in its unpacked state? -- Other file-types -- Summary -- Chapter 11: Anti-analysis Tricks -- Anti-debugging tricks -- IsDebuggerPresent -- Debug flags in the PEB -- Debugger information from NtQueryInformationProcess -- Timing tricks -- Passing code execution via SEH -- Causing exceptions -- A typical SEH setup -- Anti-VM tricks -- VM running process names -- Existence of VM files and directories -- Default MAC address -- Registry entries made by VMs -- VM devices -- CPUID results -- Anti-emulation tricks -- Anti-dumping tricks -- Summary -- Chapter 12: Practical Reverse Engineering of a Windows Executable -- Things to prepare -- Initial static analysis -- Initial file information.
Deadlisting -- Debugging -- The unknown image -- Analysis summary -- Summary -- Further Reading -- Chapter 13: Reversing Various File Types -- Analysis of HTML scripts -- MS Office macro analysis -- PDF file analysis -- SWF file analysis -- SWFTools -- FLASM -- Flare -- XXXSWF -- JPEXS SWF decompiler -- Summary -- Further reading -- Other Books You May Enjoy -- Index.
Summary: Reverse engineering is a tool used for analyzing software, to exploit its weaknesses and strengthen its defenses. Hackers use reverse engineering as a tool to expose security flaws and questionable privacy practices. This book helps you to master the art of using reverse engineering.
Holdings
  • Item type: Book
  • Current library: TUP Manila Library
  • Shelving location: General Circulation Section-GF
  • Call number: TA 168.5 W66 2018
  • Copy number: c.1
  • Status: Available
  • Barcode: P00031759


Available electronically via the Internet.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2020. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
