Description
Learn how to use Ghidra to analyze your code for potential vulnerabilities and effectively examine malware and network threats Key Features Make the most of Ghidra on different platforms such as Linux, Windows, and macOS Leverage a variety of plug-ins and extensions to perform disassembly, assembly, decompilation, and scripting Learn advanced concepts of remote and kernel debugging and reverse engineer real-world malware samples Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionWritten by an industry expert with over a decade of experience in security research, reverse engineering, and binary exploitation, this book is a complete guide to using Ghidra for examining malware, making patches, and extending tool features for your cybersecurity needs. This updated edition shows you how to implement the features of Ghidra and automate reverse engineering tasks with Ghidra plug-ins. You'll find out how to set up an environment for malware analysis with Ghidra and use it in headless mode. You'll use Ghidra scripting to automate finding vulnerabilities in executable binaries. The chapters also cover complex topics such as making Ghidra plug-ins, adding new binary formats, analyzing processor modules, and contributing to the Ghidra project. This edition features advanced topics such as remote and kernel debugging and binary diffing, along with their practical uses, especially in malware analysis. You'll learn how to use Ghidra to unpack malware and analyze modern ransomware, giving you the skills to handle real-world cybersecurity challenges. By the end of this Ghidra book, you'll be well-equipped to use Ghidra for analyzing and avoiding potential vulnerabilities in code, extending Ghidra for advanced reverse engineering, and applying these skills to real-world scenarios.What you will learn Get to grips with using Ghidra's features, plug-ins, and extensions Familiarize yourself with reverse engineering and perform binary auditing Become well-versed with developing your own Ghidra extensions Find out how to use Ghidra in headless mode Extend Ghidra for advanced reverse engineering Discover how to perform remote and kernel debugging Apply your skills to real-world malware analysis scenarios including ransomware analysis Automate the task of looking for vulnerabilities in executable binaries using Ghidra scripting Who this book is forThis book is for software engineers, security researchers, and anyone who works with software development and testing on a daily basis. Individuals who want to start their career in the security industry as a malware or vulnerability researcher will also find this book helpful. Prior knowledge of Java or python, along with experience in programming or developing application is required before getting started with this book.
About the Author
Ravikant Tiwari is a senior security researcher at Microsoft, where he works on Windows Defender and machine learning. He has over 13 years of experience in security research, reverse engineering, and binary exploitation. He has worked with leading companies such as McAfee, FireEye, Comodo, and Acronis, and has reversed and decrypted various complex malware. He is also a certified ethical hacker, a frequent speaker at security conferences such as RSA, and a patent holder in threat detection technology. He is passionate about AI, malware and cybersecurity. He holds a bachelor's degree in computer science engineering and publishes blog posts on security topics. A. P. David is a senior malware analyst and reverse engineer. He has more than 7 years of experience in IT, having worked on his own antivirus product, and later as a malware analyst and reverse engineer. He started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company. He is currently working as a security researcher at the Galician Research and Development Center in Advanced Telecommunications (GRADIANT) while doing a malware-related PhD. Apart from that, he has also hunted vulnerabilities for some relevant companies in his free time, including Microsoft's Windows 10 and National Security Agency's Ghidra project.
Book Information
ISBN 9781835889824
Author Ravikant Tiwari
Format Paperback
Imprint Packt Publishing Limited
Publisher Packt Publishing Limited
About the Author
Ravikant Tiwari is a senior security researcher at Microsoft, where he works on Windows Defender and machine learning. He has over 13 years of experience in security research, reverse engineering, and binary exploitation. He has worked with leading companies such as McAfee, FireEye, Comodo, and Acronis, and has reversed and decrypted various complex malware. He is also a certified ethical hacker, a frequent speaker at security conferences such as RSA, and a patent holder in threat detection technology. He is passionate about AI, malware and cybersecurity. He holds a bachelor's degree in computer science engineering and publishes blog posts on security topics. A. P. David is a senior malware analyst and reverse engineer. He has more than 7 years of experience in IT, having worked on his own antivirus product, and later as a malware analyst and reverse engineer. He started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company. He is currently working as a security researcher at the Galician Research and Development Center in Advanced Telecommunications (GRADIANT) while doing a malware-related PhD. Apart from that, he has also hunted vulnerabilities for some relevant companies in his free time, including Microsoft's Windows 10 and National Security Agency's Ghidra project.
Book Information
ISBN 9781835889824
Author Ravikant Tiwari
Format Paperback
Imprint Packt Publishing Limited
Publisher Packt Publishing Limited
