Practical Binary Analysis - Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly (Broché)

Modern malware can increasingly obfuscate itself and thwart analysis, and we need more sophisticated methods to raise that dark curtain of knowledge - binary analysis can help. The goal of binary analysis is to determine the true properties of binary programs to understand what they really do. While reverse engineering and disassembly are critical first steps, there is much more to be learned. Written for security engineers and hackers, this hands-on guide tackles the fascinating topics of binary analysis and instrumentation.
(Working knowledge of C/C++ is recommended, and a crash course on x86-64 is included.) Once you've reviewed the basic concepts and binary formats, you'll analyze binaries using techniques like the GNU/Linux binary analysis toolchain, disassembly, and code injection. You'll then implement profiling tools with Pin, build your own dynamic taint analysis tools with libdft, and more. Learn how to : Parse ELF and PE binaries and build a binary loader with libbfd ; Modify ELF binaries with techniques like parasitic code injection and hex editing ; Build custom disassembly tools with Capstone ; Use binary instrumentation to circumvent common anti-analysis tricks ; Apply taint analysis to detect control hijacking and data leak attacks ; Use symbolic execution to build automatic exploitation tools.
Exercises at the end of each chapter help you go from understanding basic assembly to performing sophisticated binary analysis and instrumentation. Practical Binary Analysis will help you reach expert-level proficiency.