.

A good reverse-engineering book?

<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Mar 17, 2010 7:17 am

A good reverse-engineering book?

Hi everyone,

I am looking for a good entry-level reverse-engineering book. I have come across these books:

1) The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (2008)

2) Reversing: Secrets of Reverse Engineering (2005)

3) Hacking: The Art of Exploitation, 2nd Edition (2008)

4) The Shellcoder's Handbook: Discovering and Exploiting Security Holes (2007)

There are other ones, but these ones seem more popular.

I am a programmer and I took an x86 assembly language course 10 years ago (but I don't remember much!). I am looking for an introduction/hand holding book to start...

So, anyone into reverse-engineering?
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

zeroflaw

User avatar

Full Member
Full Member

Posts: 208

Joined: Fri Feb 12, 2010 10:41 am

Location: Holland, Den Helder

Post Wed Mar 17, 2010 8:54 am

Re: A good reverse-engineering book?

I've been really into reversing for the last couple of weeks!

I own all the books you listed. I'm halfway through Reversing: Secrets of Reverse Engineering and the IDA Pro Book. They're both very detailed and really clears things up. I like Secrets of Reverse Engineering better, but I can't really choose between the two, as they're both very good reads.

The Art of Exploitation focuses more on exploiting techniques, but will also be good for picking up some skills that are useful for reversing. I've read this book from cover to cover and I really really liked it! I haven't really started with the Shellcoders Handbook because I just got it last week.

I believe they're all must reads actually. Not so sure about the hand holding thing though.
Last edited by zeroflaw on Wed Mar 17, 2010 8:57 am, edited 1 time in total.
ZF
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Mar 17, 2010 10:50 am

Re: A good reverse-engineering book?

Thanks zeroflaw!

I will probably start with "Reversing: Secrets of Reverse Engineering" since it looked good to me too.

And when I said "hand holding", I really meant the book explain at least a little bit what the 32 bit instruction pointer EIP is before playing with it. I wasn't looking at a "For Dummy" book! :)

On the same topic, do you use OllyDBG on Windows or another program?

Thanks
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Mar 17, 2010 11:53 am

Re: A good reverse-engineering book?

You can find my review on Reversing - Secrets of Reverse Engineering here.

If you have the money and time, I would go with all books you have listed. I read all of them and thought of each that it was worth the read. I'll see if I can write reviews on those as well. ;)

Ollydbg is great too. ;)
<<

zeroflaw

User avatar

Full Member
Full Member

Posts: 208

Joined: Fri Feb 12, 2010 10:41 am

Location: Holland, Den Helder

Post Wed Mar 17, 2010 12:08 pm

Re: A good reverse-engineering book?

I think you will do just fine then. Most things are well explained. I found the experience from reading Hacking: Art of Exploitation and following through with the GDB debugger the most valuable. All of the registers and assembly instructions are well explained and how they translate to code.

But then again, I haven't finished the other books yet. Secrets of reversing seems to do a good job as well so far. Maybe someone else can tell you more about this book and the IDA Pro book.

I mostly use OlllyDbg, but sometime also use the freeware version of IDA Pro.
ZF
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Mar 17, 2010 5:29 pm

Re: A good reverse-engineering book?

Thanks again guys,

Those these books also covert 64 Bit OS? I know the idea is the same between 32 bit and 64 bit, but you know...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

phn1x

Newbie
Newbie

Posts: 26

Joined: Thu Feb 21, 2008 12:16 pm

Post Thu Mar 18, 2010 10:11 pm

Re: A good reverse-engineering book?

Although those are all great books you listed the teach concepts and I think what you are looking for is language type stuff.

First and foremost, the best way to go is start taking binaries apart and if you don't understand what an instruction does look it up in the intel manuals

http://www.intel.com/products/processor/manuals/

Secondly, Grab a great book

http://www.amazon.com/Assembly-Language ... 921&sr=8-6

Get mixed in with an RE community, you will come across some type of code that you've never seen before and you will need the help of someone who knows. Of course, don't ask a question if the answer is contained within the first few pages of google search results.

http://www.openrce.org
http://www.reddit.com/r/reverseEngineering

Another great Assembly guide, more so a quick start than anything else, is the appendix(s) of "Write Great Code", both of which are available for free.

http://nostarch.com/greatcode2.htm

Another resource you will need is on the Debugger you are using, and the disassembler. If you are Using IDA Pro, then hands down Chris Eagles book on IDA is the one to read. If you plan on using Immunity Debugger or Olly Debugger I'd spend some time going through the google pulling out tutorials and learn all you can about the debugger. If you plan on using WinDbg

http://www.amazon.com/Advanced-Windows- ... 251&sr=1-2

Cheers
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Mar 19, 2010 6:46 am

Re: A good reverse-engineering book?

Man I like this forum!  ;D

Now I can't wait to finish PWB!

For what I understood so far, I should:

  • Get familiar with the intel x86 assembly language first
  • Then pick a debugger/disassembler and get to understand how it works
  • Get a few books on reverse engineering (mentioned above!)
  • Get mixed in the RE community
  • Practice, practice and practice...

It makes all good sense to me! I really hope what I have learned at university 10 years ago will come back to me quickly...

Thanks phn1x!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

n1p

Jr. Member
Jr. Member

Posts: 89

Joined: Tue Mar 16, 2010 5:31 pm

Post Fri Mar 19, 2010 7:47 am

Re: A good reverse-engineering book?

Once you get over the difficulty of the initial few steps.. Subsequent learning becomes a whole lot easier.

So keep at it and you will get it. Additionally, any questions posed here will be readily answered!

cheers,
n1p

Return to Programming

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software