Foundations of Arm64 Linux Debugging, Disassembling, and Reversing: Analyze Code, Understand Stack Memory Usage, and Reconstruct Original C/C++ Code w
Vostokov, Dmitry
Product Description
Gain a solid understanding of how Linux C and C++ compilers generate binary code. This book explains the reversing and binary analysis of the ARM64 architecture now used by major Linux cloud providers and covers topics ranging from writing programs in assembly language and live debugging to static binary analysis of compiled C and C++ code. It is ideal for those working with embedded devices, including mobile phones and tablets.
Using the latest version of Red Hat, you'll look closely at the foundations of diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems. You'll also work with the GDB debugger and use it for disassembly and reversing. This book uses practical step-by-step exercises of increasing complexity with explanations and many diagrams, including some necessary background topics. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code.
And as you'll see, memory forensics, malware, and vulnerability analysis require an understanding of ARM64 assembly language and how C and C++ compilers generate code, including memory layout and pointers. This book provides the background knowledge and practical foundations you'll need to understand internal Linux program structure and behavior.
Foundations of ARM64 Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity.
What You'll Learn
- Review the basics of ARM64 assembly language
- Examine the essential GDB debugger commands for debugging and binary analysis
- Study C and C++ compiler code generation with and without compiler optimizations
- Look at binary code disassembly and reversing patterns
- See how pointers in C and C++ are implemented and used
Who This Book Is For
Software support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without ARM64 assembly language background, and beginners learning Linux software reverse engineering techniques.
About the Author
Dmitry Vostokov is an internationally recognized expert, speaker, educator, scientist, inventor, and author. He is the founder of the pattern-oriented software diagnostics, forensics, and prognostics discipline (Systematic Software Diagnostics), and Software Diagnostics Institute (DA+TA: DumpAnalysis.org + TraceAnalysis.org). Vostokov has also authored books on software diagnostics, anomaly detection and analysis, software and memory forensics, root cause analysis and problem solving, memory dump analysis, debugging, software trace and log analysis, reverse engineering, and malware analysis. He has over 25 years of experience in software architecture, design, development, and maintenance in various industries, including leadership, technical, and people management roles. In his spare time, he presents various topics on Debugging.TV and explores Software Narratology, its further development as Narratology of Things and Diagnostics of Things (DoT), Software Pathology, and Quantum Software Diagnostics. His current interest areas are theoretical software diagnostics and its mathematical and computer science foundations, application of formal logic, artificial intelligence, machine learning, and data mining to diagnostics and anomaly detection, software diagnostics engineering and diagnostics-driven development, diagnostics workflow, and interaction. Recent interest areas also include cloud native computing, security, automation, functional programming, and applications of category theory to software development and big data. He is based out of Dublin, Ireland.