{"product_id":"practical-reverse-engineering-9781118787311","title":"Practical Reverse Engineering","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eAnalyzing how hacks are done, so as to stop them in the future     Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIntroduction xxiii\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 x86 and x64 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRegister Set and Data Types 2\u003c\/p\u003e \u003cp\u003eInstruction Set 3\u003c\/p\u003e \u003cp\u003eSyntax 4\u003c\/p\u003e \u003cp\u003eData Movement 5\u003c\/p\u003e \u003cp\u003eExercise 11\u003c\/p\u003e \u003cp\u003eArithmetic Operations 11\u003c\/p\u003e \u003cp\u003eStack Operations and Function Invocation 13\u003c\/p\u003e \u003cp\u003eExercises 17\u003c\/p\u003e \u003cp\u003eControl Flow 17\u003c\/p\u003e \u003cp\u003eSystem Mechanism 25\u003c\/p\u003e \u003cp\u003eAddress Translation 26\u003c\/p\u003e \u003cp\u003eInterrupts and Exceptions 27\u003c\/p\u003e \u003cp\u003eWalk-Through 28\u003c\/p\u003e \u003cp\u003eExercises 35\u003c\/p\u003e \u003cp\u003ex64 36\u003c\/p\u003e \u003cp\u003eRegister Set and Data Types 36\u003c\/p\u003e \u003cp\u003eData Movement 36\u003c\/p\u003e \u003cp\u003eCanonical Address 37\u003c\/p\u003e \u003cp\u003eFunction Invocation 37\u003c\/p\u003e \u003cp\u003eExercises 38\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 ARM 39\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBasic Features 40\u003c\/p\u003e \u003cp\u003eData Types and Registers 43\u003c\/p\u003e \u003cp\u003eSystem-Level Controls and Settings 45\u003c\/p\u003e \u003cp\u003eIntroduction to the Instruction Set 46\u003c\/p\u003e \u003cp\u003eLoading and Storing Data 47\u003c\/p\u003e \u003cp\u003eLDR and STR 47\u003c\/p\u003e \u003cp\u003eOther Usage for LDR 51\u003c\/p\u003e \u003cp\u003eLDM and STM 52\u003c\/p\u003e \u003cp\u003ePUSH and POP 56\u003c\/p\u003e \u003cp\u003eFunctions and Function Invocation 57\u003c\/p\u003e \u003cp\u003eArithmetic Operations 60\u003c\/p\u003e \u003cp\u003eBranching and Conditional Execution 61\u003c\/p\u003e \u003cp\u003eThumb State 64\u003c\/p\u003e \u003cp\u003eSwitch-Case 65\u003c\/p\u003e \u003cp\u003eMiscellaneous 67\u003c\/p\u003e \u003cp\u003eJust-in-Time and Self-Modifying Code 67\u003c\/p\u003e \u003cp\u003eSynchronization Primitives 67\u003c\/p\u003e \u003cp\u003eSystem Services and Mechanisms 68\u003c\/p\u003e \u003cp\u003eInstructions 70\u003c\/p\u003e \u003cp\u003eWalk-Through 71\u003c\/p\u003e \u003cp\u003eNext Steps 77\u003c\/p\u003e \u003cp\u003eExercises 78\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 The Windows Kernel 87\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWindows Fundamentals 88\u003c\/p\u003e \u003cp\u003eMemory Layout 88\u003c\/p\u003e \u003cp\u003eProcessor Initialization 89\u003c\/p\u003e \u003cp\u003eSystem Calls 92\u003c\/p\u003e \u003cp\u003eInterrupt Request Level 104\u003c\/p\u003e \u003cp\u003ePool Memory 106\u003c\/p\u003e \u003cp\u003eMemory Descriptor Lists 106\u003c\/p\u003e \u003cp\u003eProcesses and Threads 107\u003c\/p\u003e \u003cp\u003eExecution Context 109\u003c\/p\u003e \u003cp\u003eKernel Synchronization Primitives 110\u003c\/p\u003e \u003cp\u003eLists 111\u003c\/p\u003e \u003cp\u003eImplementation Details 112\u003c\/p\u003e \u003cp\u003eWalk-Through 119\u003c\/p\u003e \u003cp\u003eExercises 123\u003c\/p\u003e \u003cp\u003eAsynchronous and Ad-Hoc Execution 128\u003c\/p\u003e \u003cp\u003eSystem Threads 128\u003c\/p\u003e \u003cp\u003eWork Items 129\u003c\/p\u003e \u003cp\u003eAsynchronous Procedure Calls 131\u003c\/p\u003e \u003cp\u003eDeferred Procedure Calls 135\u003c\/p\u003e \u003cp\u003eTimers 140\u003c\/p\u003e \u003cp\u003eProcess and Thread Callbacks 142\u003c\/p\u003e \u003cp\u003eCompletion Routines 143\u003c\/p\u003e \u003cp\u003eI\/O Request Packets 144\u003c\/p\u003e \u003cp\u003eStructure of a Driver 146\u003c\/p\u003e \u003cp\u003eEntry Points 147\u003c\/p\u003e \u003cp\u003eDriver and Device Objects 149\u003c\/p\u003e \u003cp\u003eIRP Handling 150\u003c\/p\u003e \u003cp\u003eA Common Mechanism for User-Kernel Communication 150\u003c\/p\u003e \u003cp\u003eMiscellaneous System Mechanisms 153\u003c\/p\u003e \u003cp\u003eWalk-Throughs 155\u003c\/p\u003e \u003cp\u003eAn x86 Rootkit 156\u003c\/p\u003e \u003cp\u003eAn x64 Rootkit 172\u003c\/p\u003e \u003cp\u003eNext Steps 178\u003c\/p\u003e \u003cp\u003eExercises 180\u003c\/p\u003e \u003cp\u003eBuilding Confidence and Solidifying Your Knowledge 180\u003c\/p\u003e \u003cp\u003eInvestigating and Extending Your Knowledge 182\u003c\/p\u003e \u003cp\u003eAnalysis of Real-Life Drivers 184\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Debugging and Automation 187\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Debugging Tools and Basic Commands 188\u003c\/p\u003e \u003cp\u003eSetting the Symbol Path 189\u003c\/p\u003e \u003cp\u003eDebugger Windows 189\u003c\/p\u003e \u003cp\u003eEvaluating Expressions 190\u003c\/p\u003e \u003cp\u003eProcess Control and Debut Events 194\u003c\/p\u003e \u003cp\u003eRegisters, Memory, and Symbols 198\u003c\/p\u003e \u003cp\u003eBreakpoints 208\u003c\/p\u003e \u003cp\u003eInspecting Processes and Modules 211\u003c\/p\u003e \u003cp\u003eMiscellaneous Commands 214\u003c\/p\u003e \u003cp\u003eScripting with the Debugging Tools 216\u003c\/p\u003e \u003cp\u003ePseudo-Registers 216\u003c\/p\u003e \u003cp\u003eAliases 219\u003c\/p\u003e \u003cp\u003eLanguage 226\u003c\/p\u003e \u003cp\u003eScript Files 240\u003c\/p\u003e \u003cp\u003eUsing Scripts Like Functions 244\u003c\/p\u003e \u003cp\u003eExample Debug Scripts 249\u003c\/p\u003e \u003cp\u003eUsing the SDK 257\u003c\/p\u003e \u003cp\u003eConcepts 258\u003c\/p\u003e \u003cp\u003eWriting Debugging Tools Extensions 262\u003c\/p\u003e \u003cp\u003eUseful Extensions, Tools, and Resources 264\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Obfuscation 267\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eA Survey of Obfuscation Techniques 269\u003c\/p\u003e \u003cp\u003eThe Nature of Obfuscation: A Motivating Example 269\u003c\/p\u003e \u003cp\u003eData-Based Obfuscations 273\u003c\/p\u003e \u003cp\u003eControl-Based Obfuscation 278\u003c\/p\u003e \u003cp\u003eSimultaneous Control-Flow and Data-Flow Obfuscation 284\u003c\/p\u003e \u003cp\u003eAchieving Security by Obscurity 288\u003c\/p\u003e \u003cp\u003eA Survey of Deobfuscation Techniques 289\u003c\/p\u003e \u003cp\u003eThe Nature of Deobfuscation: Transformation Inversion 289\u003c\/p\u003e \u003cp\u003eDeobfuscation Tools 295\u003c\/p\u003e \u003cp\u003ePractical Deobfuscation 312\u003c\/p\u003e \u003cp\u003eCase Study 328\u003c\/p\u003e \u003cp\u003eFirst Impressions 328\u003c\/p\u003e \u003cp\u003eAnalyzing Handlers Semantics 330\u003c\/p\u003e \u003cp\u003eSymbolic Execution 333\u003c\/p\u003e \u003cp\u003eSolving the Challenge 334\u003c\/p\u003e \u003cp\u003eFinal Thoughts 336\u003c\/p\u003e \u003cp\u003eExercises 336\u003c\/p\u003e \u003cp\u003eAppendix Sample Names and Corresponding SHA1 Hashes 341\u003c\/p\u003e \u003cp\u003eIndex 343\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49406923243863,"sku":"9781118787311","price":39.9,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781118787311.jpg?v=1730497573","url":"https:\/\/bookcurl.com\/products\/practical-reverse-engineering-9781118787311","provider":"Book Curl","version":"1.0","type":"link"}