Ghidra Software Reverse-Engineering for Beginners: Master the art of debugging, from understanding code to mitigating threats, 2nd Edition

January 30, 2025 Books
Ghidra Software Reverse-Engineering for Beginners: Master the art of debugging, from understanding code to mitigating threats, 2nd Edition

English | 2025 | ISBN: 978-1835889824 | 446 Pages | EPUB | 47 MB

Learn how to use Ghidra to analyze your code for potential vulnerabilities and examine both malware and network threats

Key Features

  • Make the most of Ghidra on different platforms such as Linux, Windows, and macOS
  • Unlock the potential of plug-ins and extensions for disassembly, assembly, decompilation, and scripting
  • Learn advanced concepts like binary diffing, debugging, unpacking real-world malware samples, and reverse engineering ransomware

Written by David Álvarez Pérez, a senior malware analyst at Gen Digital Inc., and Ravikant Tiwari, a senior security researcher at Microsoft, with expertise in malware and threat detection, this book is a complete guide to using Ghidra for examining malware, making patches, and customizing its features for your cybersecurity needs.

This updated edition walks you through implementing Ghidra’s capabilities and automating reverse-engineering tasks with its plugins. You’ll learn how to set up an environment for practical malware analysis, use Ghidra in headless mode, and leverage Ghidra scripting to automate vulnerability detection in executable binaries. Advanced topics such as creating Ghidra plugins, adding new binary formats, analyzing processor modules, and contributing to the Ghidra project are thoroughly covered too.

This edition also simplifies complex concepts such as remote and kernel debugging and binary diffing, and their practical uses, especially in malware analysis. From unpacking malware to analyzing modern ransomware, you’ll acquire the skills necessary for handling real-world cybersecurity challenges.

By the end of this Ghidra book, you’ll be adept at avoiding potential vulnerabilities in code, extending Ghidra for advanced reverse-engineering, and applying your skills to strengthen your cybersecurity strategies.

What you will learn

  • Develop and integrate your own Ghidra extensions
  • Discover how to use Ghidra in headless mode
  • Extend Ghidra for advanced reverse-engineering
  • Perform binary differencing for use cases such as patch and vulnerability analysis
  • Perform debugging locally and in a remote environment
  • Apply your skills to real-world malware analysis scenarios including ransomware analysis and unpacking malware
  • Automate vulnerability detection in executable binaries using Ghidra scripting
Homepage

Resolve the captcha to access the links!