Artículos relacionados a The Ghidra Book: The Definitive Guide
Sinopsis
A guide to using the Ghidra software reverse engineering tool suite.
The result of more than a decade of research and development within the NSA, the Ghidra platform was developed to address some of the agency's most challenging reverse-engineering problems. With the open-source release of this formerly restricted tool suite, one of the world's most capable disassemblers and intuitive decompilers is now in the hands of cybersecurity defenders everywhere -- and The Ghidra Book is the one and only guide you need to master it.
In addition to discussing RE techniques useful in analyzing software and malware of all kinds, the book thoroughly introduces Ghidra's components, features, and unique capacity for group collaboration. You'll learn how to:
Designed for beginner and advanced users alike, The Ghidra Book will effectively prepare you to meet the needs and challenges of RE, so you can analyze files like a pro.
"Sinopsis" puede pertenecer a otra edición de este libro.
Acerca del autor
Chris Eagle has been reverse engineering software for 40 years. He is the author of The IDA Pro Book (No Starch Press) and is a highly sought-after provider of reverse engineering training. He has published numerous reverse engineering tools and given numerous talks at conferences such as Blackhat, Defcon, and Shmoocon.
Dr. Kara Nance is a private security consultant. She has been a professor of computer science for many years. She has served on the Honeynet Project Board of Directors and has given numerous talks at conferences around the world. She enjoys building Ghidra extensions and regularly provides Ghidra training
Fragmento. © Reproducción autorizada. Todos los derechos reservados.
INTRODUCTION
Our goal in writing this book is to provide a resource that introduces Ghidra to both current and future reverse engineers. In the hands of a skilled reverse engineer, Ghidra streamlines the analysis process and allows users to customize and extend its capabilities to suit their individual needs and improve their workflows. Ghidra is also very accessible to new reverse engineers, particularly with its included decompiler that can help them more clearly understand the relationships between high-level language and disassembly listings as they begin exploring the world of binary analysis.
Writing a book about Ghidra is a challenging undertaking. Ghidra is a complex open source reverse engineering tool suite that is continually evolving. Our words describe a moving target, as the Ghidra community continues to improve and extend its capabilities. As with many new open source projects, Ghidra has begun its public life with a rapid string of evolutionary releases. A primary goal while writing this book has been to ensure that as Ghidra evolves, the book’s content continues to provide readers with a wide and deep foundation of knowledge to understand and effectively utilize current and future Ghidra versions to address their reverse engineering challenges. As much as possible, we have tried to keep the book version-agnostic. Fortunately, new releases of Ghidra are well-documented, with detailed listings of changes that provide version-specific guidance should you encounter any differences between the book and your version of Ghidra.
About This Book
This book is the first comprehensive book about Ghidra. It is intended to be an all-encompassing resource for reverse engineering with Ghidra. It provides introductory content to bring new explorers to the reverse engineering world, advanced content to extend the worldview of experienced reverse engineers, and examples for rookie and veteran Ghidra developers alike to continue to extend Ghidra’s extensive capabilities and become contributors to the Ghidra community.
Who Should Read This Book?
This book is intended for aspiring and experienced software reverse engineers. If you don’t already have reverse engineering experience, that’s okay, as the early chapters provide the background material necessary to introduce you to reverse engineering and enable you to explore and analyze binaries with Ghidra. Experienced reverse engineers who want to add Ghidra to their toolkits might choose to move quickly through the first two parts to gain a basic understanding of Ghidra and then jump to specific chapters of interest. Experienced Ghidra users and developers may choose to focus on the later chapters so that they can create new Ghidra extensions and can apply their experience and knowledge to contribute new content to the Ghidra project.
What’s in This Book?
The book is divided into five parts. Part I introduces disassembly, reverse engineering, and the Ghidra project. Part II covers basic Ghidra usage. Part III demonstrates ways you can customize and automate Ghidra to make it work for you. Part IV takes a deeper dive into explaining specific types of Ghidra modules and supporting concepts. Part V demonstrates how Ghidra can be applied to some real-world situations a reverse engineer is likely to encounter.
Part I: Introduction
Chapter 1: Introduction to Disassembly
This introductory chapter walks you through the theory and practice of disassembly and discusses some of the pros and cons associated with the two common disassembly algorithms.
Chapter 2: Reversing and Disassembly Tools
This chapter discusses the major categories of tools available for reverse engineering and disassembly.
Chapter 3: Meet Ghidra
Here you get to meet Ghidra and learn a little bit about its origin and how you can obtain and start using this free open source tool suite.
Part II: Basic Ghidra Usage
Chapter 4: Getting Started with Ghidra
Your journey with Ghidra begins in this chapter. You’ll get your first glimpse of Ghidra in action as you create a project, analyze a file, and begin to understand the Ghidra graphical user interface (GUI).
Chapter 5: Ghidra Data Displays
Here you’ll be introduced to the CodeBrowser, Ghidra’s main tool for file analysis. You’ll also explore the primary CodeBrowser display windows.
Chapter 6: Making Sense of a Ghidra Disassembly
This chapter explores the concepts that are fundamental to understanding and navigating Ghidra disassemblies.
Chapter 7: Disassembly Manipulation
In this chapter, you’ll learn to supplement Ghidra’s analysis and manipulate a Ghidra disassembly as part of your own analysis process.
Chapter 8: Data Types and Data Structures
In this chapter, you will learn how to manipulate and define simple and complex data structures found within compiled programs.
Chapter 9: Cross-References
This chapter provides a detailed look at cross-references, how they support graphing, and the critical role they play in understanding a program’s behavior.
Chapter 10: Graphs
This chapter introduces you to Ghidra’s graphing capabilities and the use of graphs as binary analysis tools.
Part III: Making Ghidra Work for You
Chapter 11: Collaborative SRE
This chapter presents a unique capability within Ghidra—using Ghidra as a collaborative tool. You will learn how to configure a Ghidra server and share projects with other analysts.
Chapter 12: Customizing Ghidra
Here you begin to see how you can customize Ghidra by configuring projects and tools to support your individual analysis workflows.
Chapter 13: Extending Ghidra’s Worldview
This chapter teaches you how to generate and apply library signatures and other specialized content so that Ghidra can recognize new binary constructs.
Chapter 14: Basic Ghidra Scripting
In this chapter, you’ll be introduced to the basic Ghidra scripting capabilities in Python and Java using Ghidra’s inline editor.
Chapter 15: Eclipse and GhidraDev
This chapter takes your Ghidra scripting to a whole new level by integrating Eclipse into Ghidra and exploring the powerful scripting capabilities that this combination provides, including a worked example of building a new analyzer.
Chapter 16: Ghidra in Headless Mode
You’ll be introduced to the use of Ghidra in headless mode, where no GUI is required. You will quickly understand the advantage of this mode for common large-scale repetitive tasks.
Part IV: A Deeper Dive
Chapter 17: Ghidra Loaders
Here you’ll take a deep dive into how Ghidra imports and loads files. You will have the opportunity to build new loaders to handle previously unrecognized file types.
Chapter 18: Ghidra Processors
This chapter introduces you to Ghidra’s SLEIGH language for defining processor architectures. You will explore the process for adding new processors and instructions to Ghidra.
Chapter 19: The Ghidra Decompiler
Here you’ll be provided with a closer look at one of Ghidra’s most popular features: the Ghidra Decompiler. You will see how it works behind the scenes and how it can contribute to your analysis process.
Chapter 20: Compiler Variations
This chapter helps you understand the variations you can expect to see in code compiled using different compilers and targeting different platforms.
Part V: Real-World Application
Chapter 21: Obfuscated Code Analysis
You’ll learn how to use Ghidra to analyze obfuscated code in a static context so that the code doesn’t need to be executed.
Chapter 22: Patching Binaries
This chapter teaches you some methods for using Ghidra to patch binaries during analysis, both within Ghidra itself and to create new patched versions of the original binaries.
Chapter 23: Binary Differencing and Version Tracking
This final chapter provides an overview of the Ghidra features that allow you to identify differences between two binaries as well as a brief introduction to Ghidra’s advanced version tracking capabilities.
Appendix: Ghidra for IDA Users
If you are an experienced IDA user, this appendix will provide you with tips and tricks for mapping IDA terminology and usage to similar functionality in Ghidra.
"Sobre este título" puede pertenecer a otra edición de este libro.
Comprar nuevo
Ver este artículo
EUR 47,49
EUR 4,91 gastos de envío desde Reino Unido a España
Destinos, gastos y plazos de envíoResultados de la búsqueda para The Ghidra Book: The Definitive Guide
Imagen de archivo
The Ghidra Book: The Definitive Guide
Publicado por
No Starch Press, 2020
ISBN 10: 1718501021
ISBN 13: 9781718501027
Antiguo o usado
Tapa blanda
Librería: medimops, Berlin, Alemania
Calificación del vendedor: 5 de 5 estrellas
Condición: very good. Gut/Very good: Buch bzw. Schutzumschlag mit wenigen Gebrauchsspuren an Einband, Schutzumschlag oder Seiten. / Describes a book or dust jacket that does show some signs of wear on either the binding, dust jacket or pages. Nº de ref. del artículo: M01718501021-V
Cantidad disponible: 1 disponibles
Imagen de archivo
The Ghidra Book
Librería: PBShop.store UK, Fairford, GLOS, Reino Unido
Calificación del vendedor: 5 de 5 estrellas
PAP. Condición: New. New Book. Shipped from UK. Established seller since 2000. Nº de ref. del artículo: DB-9781718501027
Cantidad disponible: 3 disponibles
Imagen del vendedor
Ghidra Book : The Definitive Guide
Publicado por
No Starch Press, 2020
ISBN 10: 1718501021
ISBN 13: 9781718501027
Antiguo o usado
Tapa blanda
Librería: GreatBookPrices, Columbia, MD, Estados Unidos de America
Calificación del vendedor: 5 de 5 estrellas
Condición: As New. Unread book in perfect condition. Nº de ref. del artículo: 40972677
Cantidad disponible: Más de 20 disponibles
Imagen del vendedor
Ghidra Book : The Definitive Guide
Librería: GreatBookPrices, Columbia, MD, Estados Unidos de America
Calificación del vendedor: 5 de 5 estrellas
Condición: New. Nº de ref. del artículo: 40972677-n
Cantidad disponible: Más de 20 disponibles
Imagen de archivo
The Ghidra Book
Librería: Books Puddle, New York, NY, Estados Unidos de America
Calificación del vendedor: 4 de 5 estrellas
Condición: New. pp. 640. Nº de ref. del artículo: 26376886666
Cantidad disponible: 3 disponibles
Imagen de archivo
The Ghidra Book: A Definitive Guide
Librería: Kennys Bookshop and Art Galleries Ltd., Galway, GY, Irlanda
Calificación del vendedor: 5 de 5 estrellas
Condición: New. 2021. Paperback. . . . . . Nº de ref. del artículo: V9781718501027
Cantidad disponible: 15 disponibles
Imagen del vendedor
The Ghidra Book
Publicado por
No Starch Press,US, US, 2020
ISBN 10: 1718501021
ISBN 13: 9781718501027
Nuevo
Paperback
Librería: Rarewaves USA, OSWEGO, IL, Estados Unidos de America
Calificación del vendedor: 5 de 5 estrellas
Paperback. Condición: New. The Ghidra Book teaches readers how to use Ghidra to answer the hardest problems about software behavior. It is a tutorial about Ghidra's features that includes examples and instructions on how to use and modify the open source software to make it meet the needs of any individual or organisation. Nº de ref. del artículo: LU-9781718501027
Cantidad disponible: Más de 20 disponibles
Imagen de archivo
THE GHIDRA BOOK
Librería: Speedyhen, London, Reino Unido
Calificación del vendedor: 5 de 5 estrellas
Condición: NEW. Nº de ref. del artículo: NW9781718501027
Cantidad disponible: 2 disponibles
Imagen del vendedor
The Ghidra Book
Publicado por
No Starch Press,US, US, 2020
ISBN 10: 1718501021
ISBN 13: 9781718501027
Nuevo
Paperback
Librería: Rarewaves.com UK, London, Reino Unido
Calificación del vendedor: 5 de 5 estrellas
Paperback. Condición: New. The Ghidra Book teaches readers how to use Ghidra to answer the hardest problems about software behavior. It is a tutorial about Ghidra's features that includes examples and instructions on how to use and modify the open source software to make it meet the needs of any individual or organisation. Nº de ref. del artículo: LU-9781718501027
Cantidad disponible: Más de 20 disponibles
Imagen de archivo
The Ghidra Book: A Definitive Guide
Publicado por
No Starch Press,US, 2020
ISBN 10: 1718501021
ISBN 13: 9781718501027
Nuevo
Paperback / softback
Librería: THE SAINT BOOKSTORE, Southport, Reino Unido
Calificación del vendedor: 5 de 5 estrellas
Paperback / softback. Condición: New. New copy - Usually dispatched within 4 working days. 1153. Nº de ref. del artículo: B9781718501027
Cantidad disponible: 3 disponibles