Dan Kaminsky，IOActive公司的滲透測試主管。Dan自1999年起(在去Cisco及Avaya上班前)在安全圈內就非常活躍。使他廣為人知的是他在黑帽子大會上一係列的“Black Ops”演講，此外，他還是唯一一位齣席並在每屆微軟內部訓練活動“Blue Hat”上發言的人。Dan緻力於設計層麵的故障分析，特彆針對大規模的網絡應用程序。Dan經常收集世界各地互聯網的詳細健康數據，最近用這些數據檢測大部分rootkit在世界各地的繁殖情況。Dan是這個世界上少數幾個同時擁有技術專長及執行層谘詢技巧和能力的人。

If you want to master the art and science of reverse engineering code with IDA Pro for security R&D or software debugging, this is the book for you. Highly organized and sophisticated criminal entities are constantly developing more complex, obfuscated, and armored viruses, worms, Trojans, and botnets. IDA Pro's interactive interface and programmable development language provide you with complete control over code disassembly and debugging. This is the only book which focuses exclusively on the world's most powerful and popular took for reverse engineering code. Reverse Engineer Real Hostile Code - To follow along with this chapter, you must download a file called! Danger!Infectedmalware!Danger!...'nuff said. Download the Code! The companion Web site to this book offers up really evil code for you to reverse engineer and really nice code for you to automate tasks with the IDC Scripting Language. The title focuses on Portable Executable (PE) and Executable and Linking Formats (ELF). Understand the physical layout of PE and ELF files, and analyze the components that are essential to reverse engineering. Break hostile code armor and write your own Exploits. Understand execution flow, trace functions, recover hard coded passwords, find vulnerable functions, backtrace execution, and craft a buffer overflow. Master Debugging Debug in IDA Pro, use a debugger while reverse engineering, perform heap and stack access modification, and use other debuggers. Stop anti-reversing - Anti-reversing, like reverse engineering or coding in assembly, is an art form. The trick of course is to try to stop the person reversing the application. Find out how! Track a protocol through a binary and recover its message structure. Trace execution flow from a read event, determine the structure of a protocol, determine if the protocol has any undocumented messages, and use IDA Pro to determine the functions that process a particular message. Develop IDA Scripts and Plug-ins. Learn the basics of IDA scripting and syntax, and write IDC scripts and plug-ins to automate even the most complex tasks.