Binary Analysis Cookbook: Actionable recipes for disassembling and analyzing binaries for security risks

Explore open-source Linux tools and advanced binary analysis techniques to analyze malware, identify vulnerabilities in code, and mitigate information security risks

Key FeaturesAdopt a methodological approach to binary ELF analysis on LinuxLearn how to disassemble binaries and understand disassembled codeDiscover how and when to patch a malicious binary during analysisBook Description

Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security.

This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You’ll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you’ll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You’ll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts.

By the end of the book, you’ll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.

What you will learnTraverse the IA32, IA64, and ELF specificationsExplore Linux tools to disassemble ELF binariesIdentify vulnerabilities in 32-bit and 64-bit binariesDiscover actionable solutions to overcome the limitations in analyzing ELF binariesInterpret the output of Linux tools to identify security risks in binariesUnderstand how dynamic taint analysis worksWho this book is for

This book is for anyone looking to learn how to dissect ELF binaries using open-source tools available in Linux. If you’re a Linux system administrator or information security professional, you’ll find this guide useful. Basic knowledge of Linux, familiarity with virtualization technologies and the working of network sockets, and experience in basic Python or Bash scripting will assist you with understanding the concepts in this book

Table of ContentsSetting Up The Lab32-bit Assembly on Linux And The ELF Specification64-bit Assembly on Linux and the ELF SpecificationCreating A Binary Analysis MethodologyLinux Tools for Binary AnalysisAnalyzing A Simple Bind ShellAnalyzing A Simple Reverse ShellIdentifying Vulnerabilities Understanding Anti-Analysis TechniquesA Simple Reverse Shell With PolymorphismAppendix: Dynamic Taint Analysis – the 30,000 Foot View

ASIN ‏ : ‎ B07XYVJ3LN
Publisher ‏ : ‎ Packt Publishing; 1st edition (September 20, 2019)
Publication date ‏ : ‎ September 20, 2019
Language ‏ : ‎ English
File size ‏ : ‎ 20234 KB
Text-to-Speech ‏ : ‎ Enabled
Screen Reader ‏ : ‎ Supported
Enhanced typesetting ‏ : ‎ Enabled
X-Ray ‏ : ‎ Not Enabled
Word Wise ‏ : ‎ Not Enabled
Print length ‏ : ‎ 398 pages