Sale!

The Ghidra Book The Definitive Guide by Chris Eagle, Kara Nance 9781718501034 171850103X

Name: The Ghidra Book The Definitive Guide by Chris Eagle, Kara Nance 9781718501034 171850103X
SKU: EB-50194572
Availability: InStock

Original price was: $50.00.Current price is: $25.00.

The Ghidra Book The Definitive Guide Eagle Chris Nance Kara Digital Instant Download

Author(s): Eagle Chris Nance Kara

Edition: 2nd

File Details: PDF, 61.56 MB

Year: 2020

Language: english

SKU: EB-50194572 Category: Computers - Security Tags: 171850103X, 9781718501034, Book, Definitive Guide, Eagle Chris Nance Kara, Ghidra Book

Description

The Ghidra Book The Definitive Guide Eagle Chris Nance Kara – Ebook PDF Instant Download/Delivery, ISBN: 9781718501034, 171850103X

Product details:

ISBN 10:171850103X
ISBN 13:9781718501034
Author: Chris Eagle, Kara Nance

The Ghidra Book
The Definitive Guide

A guide to using the Ghidra software reverse engineering tool suite. The result of more than a decade of research and development within the NSA, the Ghidra platform was developed to address some of the agency’s most challenging reverse-engineering problems. With the open-source release of this formerly restricted tool suite, one of the world’s most capable disassemblers and intuitive decompilers is now in the hands of cybersecurity defenders everywhere — and The Ghidra Book is the one and only guide you need to master it. In addition to discussing RE techniques useful in analyzing software and malware of all kinds, the book thoroughly introduces Ghidra’s components, features, and unique capacity for group collaboration. You’ll learn how to: Navigate a disassembly Use Ghidra’s built-in decompiler to expedite analysis Analyze obfuscated binaries Extend Ghidra to recognize new data types Build new Ghidra analyzers and loaders Add support for new processors and instruction sets Script Ghidra tasks to automate workflows Set up and use a collaborative reverse engineering environment Designed for beginner and advanced users alike, The Ghidra Book will effectively prepare you to meet the needs and challenges of RE, so you can analyze files like a pro.

Table contents:

CONTENTS IN DETAIL
ACKNOWLEDGMENTS
INTRODUCTION
About This Book
Who Should Read This Book?
What’s in This Book?
PART I INTRODUCTION
1 INTRODUCTION TO DISASSEMBLY
Disassembly Theory
The What of Disassembly
The Why of Disassembly
The How of Disassembly
Summary
2 REVERSING AND DISASSEMBLY TOOLS
Classification Tools
Summary Tools
Deep Inspection Tools
Summary
3 MEET GHIDRA
Ghidra Licenses
Ghidra Versions
Ghidra Support Resources
Downloading Ghidra
Installing Ghidra
Summary
PART II BASIC GHIDRA USAGE
4 GETTING STARTED WITH GHIDRA
Launching Ghidra
Creating a New Project
Analyzing Files with Ghidra
Desktop Behavior During Initial Analysis
Ghidra Desktop Tips and Tricks
Summary
5 GHIDRA DATA DISPLAYS
CodeBrowser
CodeBrowser Windows
Other Ghidra Windows
Summary
6 MAKING SENSE OF A GHIDRA DISASSEMBLY
Disassembly Navigation
Stack Frames
Ghidra Stack Views
Searching
Summary
7 DISASSEMBLY MANIPULATION
Manipulating Names and Labels
Comments
Basic Code Transformations
Basic Data Transformations
Summary
8 DATA TYPES AND DATA STRUCTURES
Making Sense of Data
Recognizing Data Structure Use
Creating Structures with Ghidra
C++ Reversing Primer
Summary
9 CROSS-REFERENCES
Referencing Basics
Reference Management Windows
Summary
10 GRAPHS
Basic Blocks
Function Graphs
Function Call Graphs
Trees
Summary
PART III MAKING GHIDRA WORK FOR YOU
11 COLLABORATIVE SRE
Teamwork
Ghidra Server Setup
Shared Projects
Project Window Menus
Project Repository
Summary
12 CUSTOMIZING GHIDRA
CodeBrowser
Ghidra Project Window
Tools
Workspaces
Summary
13 EXTENDING GHIDRA’s WORLDVIEW
Importing Files
Analyzers
Word Models
Data Types
Function IDs
Function ID Plugin
Summary
14 Basic Ghidra Scripting
Script Manager
Script Development
Introduction to the Ghidra API
Ghidra Scripting Examples
Summary
15 ECLIPSE AND GHIDRADEV
Eclipse
GhidraDev Menu
Example: Ghidra Analyzer Module Project
Summary
16 GHIDRA IN HEADLESS MODE
Getting Started
Writing Scripts
Summary
PART IV A DEEPER DIVE
17 GHIDRA LOADERS
Unknown File Analysis
Manually Loading a Windows PE File
Example 1: SimpleShellcode Loader Module
Example 2: Simple Shellcode Source Loader
Example 3: Simple ELF Shellcode Loader
Summary
18 GHIDRA PROCESSORS
Understanding Ghidra Processor Modules
Modifying a Ghidra Processor Module
Summary
19 THE GHIDRA DECOMPILER
Decompiler Analysis
The Decompiler Window
Summary
20 COMPILER VARIATIONS
High-Level Constructs
Compiler Build Options
Compiler-Specific C++ Implementation
Locating the main Function
Summary
PART V REAL-WORLD APPLICATIONS
21 OBFUSCATED CODE ANALYSIS
Anti–Reverse Engineering
Static Deobfuscation of Binaries Using Ghidra
Summary
22 PATCHING BINARIES
Planning Your Patch
Finding Things to Change
Applying Your Patch
Exporting Files
Example: Patching a Binary
Summary
23 BINARY DIFFERENCING AND VERSION TRACKING
Binary Differencing
Comparing Functions
Version Tracking
Summary
GHIDRA FOR IDA USERS