LEADER 00000nam a22004933i 4500 
001    EBC1629173 
003    MiAaPQ 
005    20200713055258.0 
006    m     o  d |       
007    cr cnu|||||||| 
008    200713s2014    xx      o     ||||0 eng d 
020    9781118787250|q(electronic bk.) 
020    |z9781118787311 
035    (MiAaPQ)EBC1629173 
035    (Au-PeEL)EBL1629173 
035    (CaPaEBR)ebr10837612 
035    (CaONFJC)MIL573950 
035    (OCoLC)874161575 
040    MiAaPQ|beng|erda|epn|cMiAaPQ|dMiAaPQ 
050  4 TA168.5 -- .D36 2014eb 
082 0  005.8 
100 1  Dang, Bruce 
245 10 Practical Reverse Engineering :|bX86, X64, ARM, Windows 
       Kernel, Reversing Tools, and Obfuscation 
250    1st ed 
264  1 New York :|bJohn Wiley & Sons, Incorporated,|c2014 
264  4 |c©2014 
300    1 online resource (384 pages) 
336    text|btxt|2rdacontent 
337    computer|bc|2rdamedia 
338    online resource|bcr|2rdacarrier 
505 0  Cover -- Title Page -- Copyright -- About the Authors -- 
       About the Technical Editor -- Credits -- Acknowledgments --
       Contents -- Chapter 1 x86 and x64 -- Register Set and 
       Data Types -- Instruction Set -- Syntax -- Data Movement --
       Exercise -- Arithmetic Operations -- Stack Operations 
       and Function Invocation -- Exercises -- Control Flow -- 
       System Mechanism -- Address Translation -- Interrupts and 
       Exceptions -- Walk-Through -- Exercises -- x64 -- Register
       Set and Data Types -- Data Movement -- Canonical Address --
       Function Invocation -- Exercises -- Chapter 2 ARM -- 
       Basic Features -- Data Types and Registers -- System-Level
       Controls and Settings -- Introduction to the Instruction 
       Set -- Loading and Storing Data -- LDR and STR -- Other 
       Usage for LDR -- LDM and STM -- PUSH and POP -- Functions 
       and Function Invocation -- Arithmetic Operations -- 
       Branching and Conditional Execution -- Thumb State -- 
       Switch-Case -- Miscellaneous -- Just-in-Time and Self-
       Modifying Code -- Synchronization Primitives -- System 
       Services and Mechanisms -- Instructions -- Walk-Through --
       Next Steps -- Exercises -- Chapter 3 The Windows Kernel --
       Windows Fundamentals -- Memory Layout -- Processor 
       Initialization -- System Calls -- Interrupt Request Level 
       -- Pool Memory -- Memory Descriptor Lists -- Processes and
       Threads -- Execution Context -- Kernel Synchronization 
       Primitives -- Lists -- Implementation Details -- Walk-
       Through -- Exercises -- Asynchronous and Ad-Hoc Execution 
       -- System Threads -- Work Items -- Asynchronous Procedure 
       Calls -- Deferred Procedure Calls -- Timers -- Process and
       Thread Callbacks -- Completion Routines -- I/O Request 
       Packets -- Structure of a Driver -- Entry Points -- Driver
       and Device Objects -- IRP Handling -- A Common Mechanism 
       for User-Kernel Communication -- Miscellaneous System 
       Mechanisms -- Walk-Throughs -- An x86 Rootkit -- An x64 
       Rootkit 
505 8  Next Steps -- Exercises -- Building Confidence and 
       Solidifying Your Knowledge -- Investigating and Extending 
       Your Knowledge -- Analysis of Real-Life Drivers -- Chapter
       4 Debugging and Automation -- The Debugging Tools and 
       Basic Commands -- Setting the Symbol Path -- Debugger 
       Windows -- Evaluating Expressions -- Process Control and 
       Debug Events -- Registers, Memory, and Symbols -- 
       Breakpoints -- Inspecting Processes and Modules -- 
       Miscellaneous Commands -- Scripting with the Debugging 
       Tools -- Pseudo-Registers -- Aliases -- Language -- Script
       Files -- Using Scripts Like Functions -- Example Debug 
       Scripts -- Using the SDK -- Concepts -- Writing Debugging 
       Tools Extensions -- Useful Extensions, Tools, and 
       Resources -- Chapter 5 Obfuscation -- A Survey of 
       Obfuscation Techniques -- The Nature of Obfuscation: A 
       Motivating Example -- Data-Based Obfuscations -- Control-
       Based Obfuscation -- Simultaneous Control-Flow and Data-
       Flow Obfuscation -- Achieving Security by Obscurity -- A 
       Survey of Deobfuscation Techniques -- The Nature of 
       Deobfuscation: Transformation Inversion -- Deobfuscation 
       Tools -- Practical Deobfuscation -- Case Study -- First 
       Impressions -- Analyzing Handlers Semantics -- Symbolic 
       Execution -- Solving the Challenge -- Final Thoughts -- 
       Exercises -- Appendix Sample Names and Corresponding SHA1 
       Hashes -- Index -- EULA 
520    Analyzing how hacks are done, so as to stop them in the 
       future. Reverse engineering is the process of analyzing 
       hardware or software and understanding it, without having 
       access to the source code or design documents. Hackers are
       able to reverse engineer systems and exploit what they 
       find with scary results. Now the good guys can use the 
       same tools to thwart these threats. Practical Reverse 
       Engineering goes under the hood of reverse engineering for
       security analysts, security engineers, and system 
       programmers, so they can learn how to use these same 
       processes to stop hackers in their tracks. The book covers
       x86, x64, and ARM (the first book to cover all three); 
       Windows kernel-mode code rootkits and drivers; virtual 
       machine protection techniques; and much more. Best of all,
       it offers a systematic approach to the material, with 
       plenty of hands-on exercises and real-world examples. 
       Offers a systematic approach to understanding reverse 
       engineering, with hands-on exercises and real-world 
       examples. Covers x86, x64, and advanced RISC machine (ARM)
       architectures as well as deobfuscation and virtual machine
       protection techniques. Provides special coverage of 
       Windows kernel-mode code (rootkits/drivers), a topic not 
       often covered elsewhere, and explains how to analyze 
       drivers step by step. Demystifies topics that have a steep
       learning curve. Includes a bonus chapter on reverse 
       engineering tools. Practical Reverse Engineering: Using 
       x86, x64, ARM, Windows Kernel, and Reversing Tools 
       provides crucial, up-to-date guidance for a broad range of
       IT professionals 
588    Description based on publisher supplied metadata and other
       sources 
590    Electronic reproduction. Ann Arbor, Michigan : ProQuest 
       Ebook Central, 2020. Available via World Wide Web. Access 
       may be limited to ProQuest Ebook Central affiliated 
       libraries 
650  0 Reverse engineering 
655  4 Electronic books 
700 1  Gazet, Alexandre 
700 1  Bachaalany, Elias 
700 1  Josse, Sébastien 
700 1  Josse, Sebastien 
776 08 |iPrint version:|aDang, Bruce|tPractical Reverse 
       Engineering : X86, X64, ARM, Windows Kernel, Reversing 
       Tools, and Obfuscation|dNew York : John Wiley & Sons, 
       Incorporated,c2014|z9781118787311 
856 40 |uhttps://ebookcentral.proquest.com/lib/sinciatw/detail.action?docID=1629173|zClick to View