The IDA Pro Book, 2nd Edition - Chris Eagle

The IDA Pro Book, 2nd Edition

(Autor)

Buch | Softcover
672 Seiten
2011
No Starch Press,US (Verlag)
978-1-59327-289-0 (ISBN)
94,75 inkl. MwSt
No source code? No problem. With IDA Pro, the interactive disassembler, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use. Hailed by the creator of IDA Pro as 'profound, comprehensive, and accurate,' the second edition of The IDA Pro Book covers everything from the very first steps to advanced automation techniques. You'll find complete coverage of IDA's new Qt-based user interface, as well as increased coverage of the IDA debugger, the Bochs debugger, and IDA scripting (especially using IDAPython). But because humans are still smarter than computers, you'll even learn how to use IDA's latest interactive and scriptable interfaces to your advantage. Save time and effort as you learn to: Navigate, comment, and modify disassembly Identify known library routines, so you can focus your analysis on other areas of the code Use code graphing to quickly make sense of cross references and function calls Extend IDA to support new processors and filetypes using the SDK Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more Use IDA's built-in debugger to tackle hostile and obfuscated code Whether you're analyzing malware, conducting vulnerability research, or reverse engineering software, a mastery of IDA is crucial to your success. Take your skills to the next level with this 2nd edition of The IDA Pro Book.

Chris Eagle is a Senior Lecturer of Computer Science at the Naval Postgraduate School in Monterey, CA. He is the author of many IDA plug-ins and co-author of Gray Hat Hacking, and he has spoken at numerous security conferences, including Black Hat, Defcon, ToorCon, and ShmooCon.

PRAISE FOR THE FIRST EDITION OF THE IDA PRO BOOK; Dedication; Acknowledgments; Introduction; Introduction to IDA; Chapter 1: Introduction to Disassembly; 1.1 Disassembly Theory; 1.2 The What of Disassembly; 1.3 The Why of Disassembly; 1.4 The How of Disassembly; 1.5 Summary; Chapter 2: Reversing and Disassembly Tools; 2.1 Classification Tools; 2.2 Summary Tools; 2.3 Deep Inspection Tools; 2.4 Summary; Chapter 3: IDA Pro Background; 3.1 Hex-Rays' Stance on Piracy; 3.2 Obtaining IDA Pro; 3.3 IDA Support Resources; 3.4 Your IDA Installation; 3.5 Thoughts on IDA's User Interface; 3.6 Summary; Basic IDA Usage; Chapter 4: Getting Started with IDA; 4.1 Launching IDA; 4.2 IDA Database Files; 4.3 Introduction to the IDA Desktop; 4.4 Desktop Behavior During Initial Analysis; 4.5 IDA Desktop Tips and Tricks; 4.6 Reporting Bugs; 4.7 Summary; Chapter 5: IDA Data Displays; 5.1 The Principal IDA Displays; 5.2 Secondary IDA Displays; 5.3 Tertiary IDA Displays; 5.4 Summary; Chapter 6: Disassembly Navigation; 6.1 Basic IDA Navigation; 6.2 Stack Frames; 6.3 Searching the Database; 6.4 Summary; Chapter 7: Disassembly Manipulation; 7.1 Names and Naming; 7.2 Commenting in IDA; 7.3 Basic Code Transformations; 7.4 Basic Data Transformations; 7.5 Summary; Chapter 8: Datatypes and Data Structures; 8.1 Recognizing Data Structure Use; 8.2 Creating IDA Structures; 8.3 Using Structure Templates; 8.4 Importing New Structures; 8.5 Using Standard Structures; 8.6 IDA TIL Files; 8.7 C++ Reversing Primer; 8.8 Summary; Chapter 9: Cross-References and Graphing; 9.1 Cross-References; 9.2 IDA Graphing; 9.3 Summary; Chapter 10: The Many Faces of IDA; 10.1 Console Mode IDA; 10.2 Using IDA's Batch Mode; 10.3 Summary; Advanced IDA Usage; Chapter 11: Customizing IDA; 11.1 Configuration Files; 11.2 Additional IDA Configuration Options; 11.3 Summary; Chapter 12: Library Recognition Using FLIRT Signatures; 12.1 Fast Library Identification and Recognition Technology; 12.2 Applying FLIRT Signatures; 12.3 Creating FLIRT Signature Files; 12.4 Summary; Chapter 13: Extending IDA's Knowledge; 13.1 Augmenting Function Information; 13.2 Augmenting Predefined Comments with loadint; 13.3 Summary; Chapter 14: Patching Binaries and Other IDA Limitations; 14.1 The Infamous Patch Program Menu; 14.2 IDA Output Files and Patch Generation; 14.3 Summary; Extending IDA's Capabilities; Chapter 15: IDA Scripting; 15.1 Basic Script Execution; 15.2 The IDC Language; 15.3 Associating IDC Scripts with Hotkeys; 15.4 Useful IDC Functions; 15.5 IDC Scripting Examples; 15.6 IDAPython; 15.7 IDAPython Scripting Examples; 15.8 Summary; Chapter 16: The IDA Software Development Kit; 16.1 SDK Introduction; 16.2 The IDA Application Programming Interface; 16.3 Summary; Chapter 17: The IDA Plug-in Architecture; 17.1 Writing a Plug-in; 17.2 Building Your Plug-ins; 17.3 Installing Plug-ins; 17.4 Configuring Plug-ins; 17.5 Extending IDC; 17.6 Plug-in User Interface Options; 17.7 Scripted Plug-ins; 17.8 Summary; Chapter 18: Binary Files and IDA Loader Modules; 18.1 Unknown File Analysis; 18.2 Manually Loading a Windows PE File; 18.3 IDA Loader Modules; 18.4 Writing an IDA Loader Using the SDK; 18.5 Alternative Loader Strategies; 18.6 Writing a Scripted Loader; 18.7 Summary; Chapter 19: IDA Processor Modules; 19.1 Python Byte Code; 19.2 The Python Interpreter; 19.3 Writing a Processor Module Using the SDK; 19.4 Building Processor Modules; 19.5 Customizing Existing Processors; 19.6 Processor Module Architecture; 19.7 Scripting a Processor Module; 19.8 Summary; Real-World Applications; Chapter 20: Compiler Personalities; 20.1 Jump Tables and Switch Statements; 20.2 RTTI Implementations; 20.3 Locating main; 20.4 Debug vs. Release Binaries; 20.5 Alternative Calling Conventions; 20.6 Summary; Chapter 21: Obfuscated Code Analysis; 21.1 Anti--Static Analysis Techniques; 21.2 Anti--Dynamic Analysis Techniques; 21.3 Static De-obfuscation of Binaries Using IDA; 21.4 Virtual Machine-Based Obfuscation; 21.5 Summary; Chapter 22: Vulnerability Analysis; 22.1 Discovering New Vulnerabilities with IDA; 22.2 After-the-Fact Vulnerability Discovery with IDA; 22.3 IDA and the Exploit-Development Process; 22.4 Analyzing Shellcode; 22.5 Summary; Chapter 23: Real-World IDA Plug-ins; 23.1 Hex-Rays; 23.2 IDAPython; 23.3 collabREate; 23.4 ida-x86emu; 23.5 Class Informer; 23.6 MyNav; 23.7 IdaPdf; 23.8 Summary; The IDA Debugger; Chapter 24: The IDA Debugger; 24.1 Launching the Debugger; 24.2 Basic Debuuuuuugger Displays; 24.3 Process Control; 24.4 Automating Debugger Tasks; 24.5 Summary; Chapter 25: Disassembler/Debugger Integration; 25.1 Background; 25.2 IDA Databases and the IDA Debugger; 25.3 Debugging Obfuscated Code; 25.4 IdaStealth; 25.5 Dealing with Exceptions; 25.6 Summary; Chapter 26: Additional Debugger Features; 26.1 Remote Debugging with IDA; 26.2 Debugging with Bochs; 26.3 Appcall; 26.4 Summary; Using IDA Freeware 5.0; Restrictions on IDA Freeware; Using IDA Freeware; IDC/SDK Cross-Reference;

Erscheint lt. Verlag 7.11.2011
Verlagsort San Francisco
Sprache englisch
Maße 178 x 234 mm
Themenwelt Informatik Software Entwicklung Qualität / Testen
ISBN-10 1-59327-289-8 / 1593272898
ISBN-13 978-1-59327-289-0 / 9781593272890
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Aus- und Weiterbildung zum Certified Tester – Foundation Level nach …

von Andreas Spillner; Tilo Linz

Buch | Hardcover (2024)
dpunkt (Verlag)
39,90
Die Softwaretest-Normen verstehen und anwenden

von Matthias Daigl; Rolf Glunz

Buch | Hardcover (2024)
dpunkt (Verlag)
44,90
Methoden und Techniken für Softwarequalität in der agilen Welt

von Tilo Linz

Buch | Hardcover (2023)
dpunkt (Verlag)
39,90