Hi everyone,

I am looking for a good entry-level reverse-engineering book. I have come across these books:

1) The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (2008)

2) Reversing: Secrets of Reverse Engineering (2005)

3) Hacking: The Art of Exploitation, 2nd Edition (2008)

4) The Shellcoder's Handbook: Discovering and Exploiting Security Holes (2007)

There are other ones, but these ones seem more popular.

I am a programmer and I took an x86 assembly language course 10 years ago (but I don't remember much!). I am looking for an introduction/hand holding book to start...

So, anyone into reverse-engineering?

Thanks zeroflaw!

I will probably start with "Reversing: Secrets of Reverse Engineering" since it looked good to me too.

And when I said "hand holding", I really meant the book explain at least a little bit what the 32 bit instruction pointer EIP is before playing with it. I wasn't looking at a "For Dummy" book!

On the same topic, do you use OllyDBG on Windows or another program?

Thanks

I think you will do just fine then. Most things are well explained. I found the experience from reading Hacking: Art of Exploitation and following through with the GDB debugger the most valuable. All of the registers and assembly instructions are well explained and how they translate to code.

But then again, I haven't finished the other books yet. Secrets of reversing seems to do a good job as well so far. Maybe someone else can tell you more about this book and the IDA Pro book.

I mostly use OlllyDbg, but sometime also use the freeware version of IDA Pro.

Although those are all great books you listed the teach concepts and I think what you are looking for is language type stuff.

First and foremost, the best way to go is start taking binaries apart and if you don't understand what an instruction does look it up in the intel manuals

http://www.intel.com/products/processor/manuals/

Secondly, Grab a great book

http://www.amazon.com/Assembly-Language-Intel-Based-Computers-Textbook/dp/000501395X/ref=sr_1_6?ie=UTF8&s=books&qid=1268967921&sr=8-6

Get mixed in with an RE community, you will come across some type of code that you've never seen before and you will need the help of someone who knows. Of course, don't ask a question if the answer is contained within the first few pages of google search results.

http://www.openrce.org
http://www.reddit.com/r/reverseEngineering

Another great Assembly guide, more so a quick start than anything else, is the appendix(s) of "Write Great Code", both of which are available for free.

http://nostarch.com/greatcode2.htm

Another resource you will need is on the Debugger you are using, and the disassembler. If you are Using IDA Pro, then hands down Chris Eagles book on IDA is the one to read. If you plan on using Immunity Debugger or Olly Debugger I'd spend some time going through the google pulling out tutorials and learn all you can about the debugger. If you plan on using WinDbg

http://www.amazon.com/Advanced-Windows-Debugging-Mario-Hewardt/dp/0321374460/ref=sr_1_2?ie=UTF8&s=books&qid=1268968251&sr=1-2

Cheers

Once you get over the difficulty of the initial few steps.. Subsequent learning becomes a whole lot easier.

So keep at it and you will get it. Additionally, any questions posed here will be readily answered!

cheers,
n1p