Binary Analysis Cookbook

Binary Analysis Cookbook

by Michael Born
Binary Analysis Cookbook

Binary Analysis Cookbook

by Michael Born


Choose Expedited Shipping at checkout for delivery by Wednesday, December 7


Explore open-source Linux tools and advanced binary analysis techniques to analyze malware, identify vulnerabilities in code, and mitigate information security risks

  • Adopt a methodological approach to binary ELF analysis on Linux
  • Learn how to disassemble binaries and understand disassembled code
  • Discover how and when to patch a malicious binary during analysis

Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security.

This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts.

By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.

  • Traverse the IA32, IA64, and ELF specifications
  • Explore Linux tools to disassemble ELF binaries
  • Identify vulnerabilities in 32-bit and 64-bit binaries
  • Discover actionable solutions to overcome the limitations in analyzing ELF binaries
  • Interpret the output of Linux tools to identify security risks in binaries
  • Understand how dynamic taint analysis works

This book is for anyone looking to learn how to dissect ELF binaries using open-source tools available in Linux. If you’re a Linux system administrator or information security professional, you’ll find this guide useful. Basic knowledge of Linux, familiarity with virtualization technologies and the working of network sockets, and experience in basic Python or Bash scripting will assist you with understanding the concepts in this book

Related collections and offers

Product Details

ISBN-13: 9781789807608
Publisher: Packt Publishing
Publication date: 09/20/2019
Pages: 396
Product dimensions: 7.50(w) x 9.25(h) x 0.81(d)

About the Author

Michael Born is a senior security consultant for SecureSky, Inc. Michael has earned several industry certifications and has co-taught offensive-focused Python programming classes at OWASP AppSec USA, and AppSec Europe. He enjoys coding in Python, IA32, IA64, PowerShell, participating in, and designing, capture the flag (ctf) challenges, teaching and mentoring others looking to embark on a career in information security, and presenting on various information security topics at local chapters of well-known information security groups. Michael has served on the chapter board for his local OWASP chapter, is a lifetime OWASP member, and participates in the local DC402 group.

Table of Contents

Table of Contents
  1. Setting Up The Lab
  2. 32-bit Assembly on Linux And The ELF Specification
  3. 64-bit Assembly on Linux and the ELF Specification
  4. Creating A Binary Analysis Methodology
  5. Linux Tools for Binary Analysis
  6. Analyzing A Simple Bind Shell
  7. Analyzing A Simple Reverse Shell
  8. Identifying Vulnerabilities
  9. Understanding Anti-Analysis Techniques
  10. A Simple Reverse Shell With Polymorphism
  11. Appendix: Dynamic Taint Analysis - the 30,000 Foot View

Customer Reviews