Stop manually analyzing binary! Practical Binary Analysis is the first book of its kind to
present advanced binary analysis topics such as binary instrumentation dynamic taint analysis
and symbolic execution in an accessible way. As malware increasingly obfuscates itself and
applies anti-analysis techniques to thwart our analysis we need more sophisticated methods
that allow us to raise that dark curtain designed to keep us out--binary analysis can help. The
goal of all binary analysis is to determine (and possibly modify) the true properties of binary
programs to understand what they really do rather than what we think they should do. While
reverse engineering and disassembly are critical first steps in many forms of binary analysis
there is much more to be learned. This hands-on guide teaches you how to tackle the
fascinating but challenging topics of binary analysis and instrumentation and helps you become
proficient in an area typically only mastered by a small group of expert hackers. It will take
you from basic concepts to state-of-the-art methods as you dig into topics like code injection
disassembly dynamic taint analysis and binary instrumentation. Written for security engineers
hackers and those with a basic working knowledge of C C++ and x86-64 Practical Binary
Analysis will teach you in-depth how binary programs work and help you acquire the tools and
techniques needed to gain more control and insight into binary programs. Once you've completed
an introduction to basic binary formats you'll learn how to analyze binaries using techniques
like the GNU Linux binary analysis toolchain disassembly and code injection. You'll then go
on to implement profiling tools with Pin and learn how to build your own dynamic taint analysis
tools with libdft and symbolic execution tools using Triton. You'll learn how to: - Parse ELF
and PE binaries and build a binary loader with libbfd - Use data-flow analysis techniques like
program tracing slicing and reaching definitions analysis to reason about runtime flow of
your programs - Modify ELF binaries with techniques like parasitic code injection and hex
editing - Build custom disassembly tools with Capstone - Use binary instrumentation to
circumvent anti-analysis tricks commonly used by malware - Apply taint analysis to detect
control hijacking and data leak attacks - Use symbolic execution to build automatic
exploitation tools With exercises at the end of each chapter to help solidify your skills
you'll go from understanding basic assembly to performing some of the most sophisticated binary
analysis and instrumentation. Practical Binary Analysis gives you what you need to work
effectively with binary programs and transform your knowledge from basic understanding to
expert-level proficiency.
