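The result of more than a decade of research and development within the NSA, the Ghidra platform was developed to address some of the agency's most challenging reverse-engineering problems. With the open-source release of this formerly restricted tool suite, one of the world's most capable disassemblers and intuitive decompilers is now in the hands of cybersecurity defenders everywhere, and The Ghidra Book is the one and only guide you need to master it.
In addition to discussing RE techniques useful in analyzing software and malware of all kinds, the book thoroughly introduces Ghidra's components, features, and unique capacity for group collaboration. You'll learn how to:
- Navigate a disassembly
- Use Ghidra's built-in decompiler to expedite analysis
- Analyze obfuscated binaries
- Extend Ghidra to recognize new data types
- Build new Ghidra analyzers and loaders
- Add support for new processors and instruction sets
- Script Ghidra tasks to automate workflows
- Set up and use a collaborative reverse engineering environment
Designed for beginner and advanced users alike, The Ghidra Book will effectively prepare you to meet the needs and challenges of RE, so you can analyze files like a pro.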