Practical Binary Analysis

Practical Binary Analysis

Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly
by Dennis Andriesse
October 2018, 440 pp.
Use coupon code PREORDER to get 30% off!

Stop manually analyzing binary! Practical Binary Analysis is the first book of its kind to present advanced binary analysis topics, such as binary instrumentation, dynamic taint analysis, and symbolic execution, in an accessible way. After an introduction on the basics of binary formats, disassembly, and code injection, you’ll dive into more complex subjects, and by the end of the book, you’ll be able to build your own binary analysis tools. Practical Binary Analysis will help interested people become well-rounded binary analysts, who are capable of developing and exploring new ideas on their own.

Author Bio 

Dennis Andriesse has a Ph.D. in system and network security and uses binary analysis daily in his postdoctoral. He is one of the main contributors to PathArmor, a Control-Flow Integrity system which defends against control-flow hijacking attacks such as ROP. Andriesse was also one of the attack developers involved in the takedown of the GameOver Zeus P2P botnet.

Table of contents 


Part I: Binary Formats

Chapter 1: Anatomy of a Binary
Chapter 2: The ELF Format
Chapter 3: The PE Format: A Brief Introduction
Chapter 4: Building a Binary Loader Using libbfd

Part II: Binary Analysis Fundamentals

Chapter 5: Basic Binary Analysis in Linux
Chapter 6: Disassembly and Binary Analysis Fundamentals
Chapter 7: Simple Code Injection Techniques for ELF

Part III: Advanced Binary Analysis

Chapter 8: Customizing Disassembly
Chapter 9: Binary Instrumentation
Chapter 10: Principles of Dynamic Taint Analysis
Chapter 11: Practical Dynamic Taint Analysis with libdft
Chapter 12: Principles of Symbolic Execution
Chapter 13: Practical Symbolic Execution with Triton

Part IV: Appendices

Appendix A: A Crash Course on x86 Assembly
Appendix B: Implementing PT_NOTE Overwriting Using libelf
Appendix C: List of Binary Analysis Tools
Appendix D: Further Reading