Learn how to use Ghidra to analyze your code for potential vulnerabilities and examine both malware and network threats
Key Features
Make the most of Ghidra on different platforms such as Linux, Windows, and macOS Unlock the potential of plug-ins and extensions for disassembly, assembly, decompilation, and scripting Learn advanced concepts like binary diffing, debugging, unpacking real-world malware samples, and reverse engineering ransomware Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionWritten by David Álvarez Pérez, a senior malware analyst at Gen Digital Inc., and Ravikant Tiwari, a senior security researcher at Microsoft, with expertise in malware and threat detection, this book is a complete guide to using Ghidra for examining malware, making patches, and customizing its features for your cybersecurity needs. This updated edition walks you through implementing Ghidras capabilities and automating reverse-engineering tasks with its plugins. Youll learn how to set up an environment for practical malware analysis, use Ghidra in headless mode, and leverage Ghidra scripting to automate vulnerability detection in executable binaries. Advanced topics such as creating Ghidra plugins, adding new binary formats, analyzing processor modules, and contributing to the Ghidra project are thoroughly covered too. This edition also simplifies complex concepts such as remote and kernel debugging and binary diffing, and their practical uses, especially in malware analysis. From unpacking malware to analyzing modern ransomware, youll acquire the skills necessary for handling real-world cybersecurity challenges. By the end of this Ghidra book, youll be adept at avoiding potential vulnerabilities in code, extending Ghidra for advanced reverse-engineering, and applying your skills to strengthen your cybersecurity strategies.What you will learn
Develop and integrate your own Ghidra extensions Discover how to use Ghidra in headless mode Extend Ghidra for advanced reverse-engineering Perform binary differencing for use cases such as patch and vulnerability analysis Perform debugging locally and in a remote environment Apply your skills to real-world malware analysis scenarios including ransomware analysis and unpacking malware Automate vulnerability detection in executable binaries using Ghidra scripting
Who this book is forThis book is for software engineers, security researchers, and professionals working in software development and testing who want to deepen their expertise in reverse engineering and cybersecurity. Aspiring malware analysts and vulnerability researchers will also benefit greatly. Prior experience with Java or Python and a foundational understanding of programming is recommended.
