Binary Analysis Cookbook
Actionable recipes for disassembling and analyzing binaries for security risks
Born, Michael
- Publisher: Packt Publishing
- Publication date: 2019-09-20
- List price: $1,670
- VIP price: 5% off, $1,587
- Language: English
- Pages: 396
- Binding: Paperback
- ISBN: 1789807603
- ISBN-13: 9781789807608
Product Description
Key Features
- Adopt a methodological approach to binary ELF analysis on Linux
- Learn how to disassemble binaries and understand disassembled code
- Discover how and when to patch a malicious binary during analysis
Book Description
Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security.
This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts.
By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.
What you will learn
- Traverse the IA32, IA64, and ELF specifications
- Explore Linux tools to disassemble ELF binaries
- Identify vulnerabilities in 32-bit and 64-bit binaries
- Discover actionable solutions to overcome the limitations in analyzing ELF binaries
- Interpret the output of Linux tools to identify security risks in binaries
- Understand how dynamic taint analysis works
Who this book is for
This book is for anyone looking to learn how to dissect ELF binaries using open-source tools available in Linux. If you're a Linux system administrator or information security professional, you'll find this guide useful. Basic knowledge of Linux, familiarity with virtualization technologies and the working of network sockets, and experience in basic Python or Bash scripting will assist you with understanding the concepts in this book.
About the Author
Michael Born is a senior security consultant for SecureSky, Inc. Michael has earned several industry certifications and has co-taught offensive-focused Python programming classes at OWASP AppSec USA and AppSec Europe. He enjoys coding in Python, IA32, IA64, and PowerShell; participating in and designing capture the flag (CTF) challenges; teaching and mentoring others looking to embark on a career in information security; and presenting on various information security topics at local chapters of well-known information security groups. Michael has served on the chapter board for his local OWASP chapter, is a lifetime OWASP member, and participates in the local DC402 group.
Table of Contents
- Setting Up The Lab
- 32-bit Assembly on Linux And The ELF Specification
- 64-bit Assembly on Linux and the ELF Specification
- Creating A Binary Analysis Methodology
- Linux Tools for Binary Analysis
- Analyzing A Simple Bind Shell
- Analyzing A Simple Reverse Shell
- Identifying Vulnerabilities
- Understanding Anti-Analysis Techniques
- A Simple Reverse Shell With Polymorphism
- Appendix: Dynamic Taint Analysis - the 30,000 Foot View