The Ghidra Book

The Ghidra Book

The Definitive Guide
by Chris Eagle and Kara Nance
September 2020, 608 pp.
ISBN-13: 
9781718501027
Use coupon code PREORDER to get 25% off!

Download Chapter 2: REVERSING AND DISASSEMBLY TOOLS


Look Inside!

The Ghidra BookThe Ghidra Book Page 3The Ghidra Book Page 43The Ghidra Book Page 63The Ghidra Book Page 212

DANCE WITH THE DRAGON

The result of more than a decade of research and development within the NSA, the Ghidra platform was developed to address some of the agency’s most challenging reverse-engineering problems. With the open-source release of this formerly restricted tool suite, one of the world’s most capable disassemblers and intuitive decompilers is now in the hands of cybersecurity defenders everywhere — and The Ghidra Book is the one and only guide you need to master it.

In addition to discussing RE techniques useful in analyzing software and malware of all kinds, the book thoroughly introduces Ghidra’s components, features, and unique capacity for group collaboration. You’ll learn how to:

  • Navigate a disassembly
  • Use Ghidra’s built-in decompiler to expedite analysis
  • Analyze obfuscated binaries
  • Extend Ghidra to recognize new data types
  • Build new Ghidra analyzers and loaders
  • Add support for new processors and instruction sets
  • Script Ghidra tasks to automate workflows
  • Set up and use a collaborative reverse engineering environment

Designed for beginner and advanced users alike, The Ghidra Book will effectively prepare you to meet the needs and challenges of RE, so you can analyze files like a pro.

Author Bio 

Chris Eagle has been reverse engineering software for 40 years. He is the author of The IDA Pro Book (No Starch Press) and is a highly sought after provider of reverse engineering training.

Dr. Kara Nance is a private security consultant and has been a professor of computer science for many years. She has given numerous talks at conferences around the world and enjoys building Ghidra extensions as well as providing Ghidra training.

Table of contents 

View the detailed Table of Contents

Introduction

Chapter 1: Introduction to Disassembly
Chapter 2: Reversing and Disassembly Tools
Chapter 3: Meet Ghidra
Chapter 4: Getting Started with Ghidra
Chapter 5: Ghidra Data Displays
Chapter 6: Making Sense of a Ghidra Disassembly
Chapter 7: Disassembly Manipulation
Chapter 8: Data Types and Data Structures
Chapter 9: Cross-References
Chapter 10: Graphs
Chapter 11: Collaborative SRE with Ghidra
Chapter 12: Customizing Ghidra
Chapter 13: Extending Ghidra’s Worldview
Chapter 14: Basic Ghidra Scripting
Chapter 15: Eclipse and GhidraDev
Chapter 16: Ghidra in Headless Mode
Chapter 17: Ghidra Loaders
Chapter 18: Ghidra Processors
Chapter 19: The Ghidra Decompiler
Chapter 20: Compiler Variations
Chapter 21: Obfuscated Code Analysis
Chapter 22: Patching Binaries
Chapter 23: Binary Differencing and Version Tracking
Appendix: Ghidra for IDA Users