Ghidra Software Reverse Engineering for Beginners
Packt Publishing Limited (publisher)
978-1-83588-982-4 (ISBN)
Key Features
Make the most of Ghidra on different platforms such as Linux, Windows, and macOS
Leverage a variety of plug-ins and extensions to perform disassembly, assembly, decompilation, and scripting
Learn advanced concepts of remote and kernel debugging and reverse engineer real-world malware samples
Purchase of the print or Kindle book includes a free PDF eBook
Book Description
Written by an industry expert with over a decade of experience in security research, reverse engineering, and binary exploitation, this book is a complete guide to using Ghidra for examining malware, making patches, and extending tool features for your cybersecurity needs.
This updated edition shows you how to implement the features of Ghidra and automate reverse engineering tasks with Ghidra plug-ins. You’ll find out how to set up an environment for malware analysis with Ghidra and use it in headless mode. You’ll use Ghidra scripting to automate finding vulnerabilities in executable binaries. The chapters also cover complex topics such as making Ghidra plug-ins, adding new binary formats, analyzing processor modules, and contributing to the Ghidra project. This edition features advanced topics such as remote and kernel debugging and binary diffing, along with their practical uses, especially in malware analysis. You'll learn how to use Ghidra to unpack malware and analyze modern ransomware, giving you the skills to handle real-world cybersecurity challenges.
By the end of this Ghidra book, you’ll be well-equipped to use Ghidra for analyzing and avoiding potential vulnerabilities in code, extending Ghidra for advanced reverse engineering, and applying these skills to real-world scenarios.
What you will learn
Get to grips with using Ghidra's features, plug-ins, and extensions
Familiarize yourself with reverse engineering and perform binary auditing
Become well-versed with developing your own Ghidra extensions
Find out how to use Ghidra in headless mode
Extend Ghidra for advanced reverse engineering
Discover how to perform remote and kernel debugging
Apply your skills to real-world malware analysis scenarios including ransomware analysis
Automate the task of looking for vulnerabilities in executable binaries using Ghidra scripting
Who this book is for
This book is for software engineers, security researchers, and anyone who works with software development and testing on a daily basis. Individuals who want to start their career in the security industry as a malware or vulnerability researcher will also find this book helpful. Prior knowledge of Java or Python, along with experience in programming or developing applications, is required before getting started with this book.
Ravikant Tiwari is a senior security researcher at Microsoft, where he works on Windows Defender and machine learning. He has over 13 years of experience in security research, reverse engineering, and binary exploitation. He has worked with leading companies such as McAfee, FireEye, Comodo, and Acronis, and has reversed and decrypted various complex malware. He is also a certified ethical hacker, a frequent speaker at security conferences such as RSA, and a patent holder in threat detection technology. He is passionate about AI, malware and cybersecurity. He holds a bachelor's degree in computer science engineering and publishes blog posts on security topics.
A. P. David is a senior malware analyst and reverse engineer. He has more than 7 years of experience in IT, having worked on his own antivirus product, and later as a malware analyst and reverse engineer. He started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company. He is currently working as a security researcher at the Galician Research and Development Center in Advanced Telecommunications (GRADIANT) while doing a malware-related PhD. Apart from that, he has also hunted vulnerabilities for some relevant companies in his free time, including Microsoft's Windows 10 and National Security Agency's Ghidra project.
Table of Contents
Getting Started with Ghidra
Automating RE Tasks Using Ghidra Plug-Ins
Ghidra Debug Mode
Using Ghidra Extensions
Reversing Malware
Scripting Malware Analysis
Ghidra Headless Mode
Remote and Kernel Debugging
Binary Diffing
Auditing Program Binaries
Scripting Binary Audit
Extending or Developing Ghidra Plug-Ins
Incorporating New Binary Formats
Analyzing Processor Modules
Contributing to the Ghidra Project
Extending Ghidra for Advanced Reverse Engineering
Unpacking Wild Malware Using Ghidra
Modern Ransomware Analysis
Publication date | 05.10.2024 |
---|---|
Place of publication | Birmingham |
Language | English |
Dimensions | 191 x 235 mm |
Subject area | Computer Science ► Networks ► Security / Firewall |
 | Computer Science ► Programming Languages / Tools ► Assembler |
 | Computer Science ► Theory / Studies ► Cryptology |
ISBN-10 | 1-83588-982-4 / 1835889824 |
ISBN-13 | 978-1-83588-982-4 / 9781835889824 |
Condition | New |