Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

LEARN THE SCIENCE AND CRAFT OF REVERSE ENGINEERING TO FIGHT HACKERS AND ROOTKITS Criminals increasingly are using malicious software (exploits, viruses, rootkits, etc.) for fraud, denial–of–service, intrusions, and espionage operations. Reverse engineering is the only method to thoroughly dissect and understand such software. So it is no surprise that reverse engineering is one of the most important subjects in information security. Unfortunately, it is often perceived as a mysterious and complex black art. Although reverse engineering is a difficult subject, the authors believe there is a scientific approach to it. Practical Reverse Engineering aims to demystify the art and systematize the reverse–engineering process for students and professionals. Discover a unique, systematic approach to reverse engineering that incorporates hands–on analysis with real–world malware Find detailed coverage of the three most popular processor architectures: x86, x64, and ARM Use this concise, structured treatment of the Windows kernel and kernel–mode drivers, featuring walk–throughs and exercises with real–world rootkits Learn sophisticated code–obfuscation techniques, such as those used in virtual machine protections, and how to deobfuscate them using program–analysis techniques Discover advanced debugging techniques to automate and streamline the reverse–engineering process Apply newly learned concepts with complete walk–throughs and exercises using real–world malware

Bruce Dang is a senior security development engineering lead at Microsoft focusing on Windows kernel and reverse engineering. Alexandre Gazet is a senior security researcher at QuarksLab focusing on reverse engineering and software protection. Elias Bachaalany is a software security engineer at Microsoft.