Foundations of Arm64 Linux Debugging, Disassembling, and Reversing: Analyze Code, Understand Stack Memory Usage, and Reconstruct Original C/C++ Code w
Vostokov, Dmitry
Product Description
Gain a solid understanding of how Linux C and C++ compilers generate binary code. This book explains the reversing and binary analysis of the ARM64 architecture now used by major Linux cloud providers and covers topics ranging from writing programs in assembly language to live debugging and static binary analysis of compiled C and C++ code. It is ideal for those working with embedded devices, including mobile phones and tablets.
Using the latest version of Red Hat, you'll look closely at the foundations of diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems. You'll also work with the GDB debugger and use it for disassembly and reversing. This book uses practical step-by-step exercises of increasing complexity with explanations and many diagrams, including some necessary background topics. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code.
As you'll see, memory forensics, malware, and vulnerability analysis require an understanding of ARM64 assembly language and how C and C++ compilers generate code, including memory layout and pointers. This book provides the background knowledge and practical foundations you'll need to understand internal Linux program structure and behavior.
Foundations of ARM64 Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity.
What You'll Learn
- Review the basics of ARM64 assembly language
- Examine the essential GDB debugger commands for debugging and binary analysis
- Study C and C++ compiler code generation with and without compiler optimizations
- Look at binary code disassembly and reversing patterns
- See how pointers in C and C++ are implemented and used
Who This Book Is For
Software support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without ARM64 assembly language background, and beginners learning Linux software reverse engineering techniques.
About the Author
Dmitry Vostokov is an internationally recognized expert, speaker, educator, scientist, inventor, and author. He is the founder of the pattern-oriented software diagnostics, forensics, and prognostics discipline (Systematic Software Diagnostics), and Software Diagnostics Institute (DA+TA: DumpAnalysis.org + TraceAnalysis.org). Vostokov has also authored books on software diagnostics, anomaly detection and analysis, software and memory forensics, root cause analysis and problem solving, memory dump analysis, debugging, software trace and log analysis, reverse engineering, and malware analysis. He has over 25 years of experience in software architecture, design, development, and maintenance in various industries, including leadership, technical, and people management roles. In his spare time, he presents various topics on Debugging.TV and explores Software Narratology, its further development as Narratology of Things and Diagnostics of Things (DoT), Software Pathology, and Quantum Software Diagnostics. His current interest areas are theoretical software diagnostics and its mathematical and computer science foundations, application of formal logic, artificial intelligence, machine learning, and data mining to diagnostics and anomaly detection, software diagnostics engineering and diagnostics-driven development, diagnostics workflow, and interaction. Recent interest areas also include cloud native computing, security, automation, functional programming, and applications of category theory to software development and big data. He is based out of Dublin, Ireland.