- Added by: literator
- Date: 25-02-2023, 13:56
Title: Reversing Data Structures and Algorithms in Malware
Author: Jason Reaves
Publisher: Leanpub
Year: 2020-05-13
Language: English
Format: pdf (true), epub
Size: 10.2 MB
The book walks through a number of real-world examples of reverse engineering data structures and algorithms found in malware in order to gradually introduce the reader to more advanced examples, culminating in reverse engineering a C2 (Command and Control) protocol. There are many obstacles you encounter when doing malware analysis, from unpacking your first sample and mapping out your first routine to breaking into that malware's data encoding routine. One obstacle in particular that I've seen give people more problems than others is being able to follow malware as it parses data, data that is sometimes seemingly random hex but is instead used for configuration purposes that can depict how the malware acts. One experience that seems to help people when reverse engineering these structures and the algorithms that process them is a past in low-level development such as assembly or C programming; however, not everyone has the luxury of coming to malware analysis with such a background.