If you want to master the art and science of reverse engineering code with IDA Pro for security R&D or software debugging, this is the book for you. Highly organized and sophisticated criminal entities are constantly developing more complex, obfuscated, and armored viruses, worms, Trojans, and botnets. IDA Pro's interactive interface and programmable development language provide you with complete control over code disassembly and debugging. This is the only book which focuses exclusively on the world's most powerful and popular took for reverse engineering code. *Reverse Engineer REAL Hostile Code To follow along with this chapter, you must download a file called !DANGER!INFECTEDMALWARE!DANGER!... 'nuff said. *Download the Code! The companion Web site to this book offers up really evil code for you to reverse engineer and really nice code for you to automate tasks with the IDC Scripting Language. *Portable Executable (PE) and Executable and Linking Formats (ELF) Understand the physical layout of PE and ELF files, and analyze the components that are essential to reverse engineering. *Break Hostile Code Armor and Write your own Exploits Understand execution flow, trace functions, recover hard coded passwords, find vulnerable functions, backtrace execution, and craft a buffer overflow. *Master Debugging Debug in IDA Pro, use a debugger while reverse engineering, perform heap and stack access modification, and use other debuggers. *Stop Anti-Reversing Anti-reversing, like reverse engineering or coding in assembly, is an art form. The trick of course is to try to stop the person reversing the application. Find out how! *Track a Protocol through a Binary and Recover its Message Structure Trace execution flow from a read event, determine the structure of a protocol, determine if the protocol has any undocumented messages, and use IDA Pro to determine the functions that process a particular message. *Develop IDA Scripts and Plug-ins Learn the basics of IDA scripting and syntax, and write IDC scripts and plug-ins to automate even the most complex tasks.

Developers face problems created by others every day - when asked to maintain someone else's code, or when forced to use a third-party library without documentation. They might come across exactly the feature they need to implement but can't get hold of the source code. They might spend frustrating hours trying different solutions that don't work. Instead, the techniques in this book will teach developers to decompile, patch, and reverse-engineer applications, to better understand their implementation, and to work more efficiently with applications developed by others. Covert Java offers a unique approach to solving common Java problems, from combating obfuscation in code, to patching core classes to change the intended function of an application. Each chapter focuses on a technique that solves a specific problem - outlining the problem, demonstrating the solution, then suggesting additional ideas for developers to test out the technique. Many chapters include anecdotal examples of the technique in action, and finish with summaries to ensure developers understand the most crucial points of the chapter.

Computing hardware would have no value without software; software tells hardware what to do. Software therefore must have special authority within computing systems. All computer security problems stem from that fact, and Exploiting Software: How to Break Code shows you how to design your software so it's as resistant as possible to attack. Sure, everything's phrased in offensive terms (as instructions for the attacker, that is), but this book has at least as much value in showing designers what sorts of attacks their software will face (the book could serve as a checklist for part of a pre-release testing regimen). Plus, the clever reverse-engineering strategies that Greg Hoglund and Gary McGraw teach will be useful in many legitimate software projects. Consider this a recipe book for mayhem, or a compendium of lessons learned by others. It depends on your situation.