Thursday, March 29, 2012

Reverse Engineering books

"Practical Malware Analysis" by Michael Sikorski and Andrew Honig.
We can recommend this book to beginners in RE. It gives a good overview of the very basic techniques and tools each researcher must know.
The most common techniques are Basic (Initial) Static and Dynamic Analysis of the target to observe its behavior in the wild, followed by Advanced Static and Dynamic Analysis to identify how that logic is implemented.
The short overview of OllyDbg, IDA Pro and WinDbg is enough to start working with these very powerful tools. Later you may find that IDA Pro covers almost all of the functionality of OllyDbg.
The book describes simple Anti-Disassembly, Anti-Debugging and Anti-VM techniques, and adds notes on C++ reversing, Position Independent Code (PIC) and 64-bit targets.