Hacker Disassembling Uncovered

I read the 2nd edition of this book, so I will be referring to it. First of all, let me tell you that is a VERY GOOD introduction to Reverse Engineering. If you are a beginner, you will get tons of useful and updated information from this book. For sure you will learn, and let me tell you that the info in this book is worth every penny. You will get hands-on experience not only on rev-eng, but also a very good idea about all the software around it. When you are new to the reverse-engineering world, it is very difficult to get started because of the amount of information on the net. Too much is sometimes less because you end up in circles from tutorial to tutorial, without making good bases. If you follow this book from cover to cover, you will "get it". You will learn. You will know how to debug/disassemble a program and patch it to alter the way it behaves. Warning: if you are a TOTAL beginner (who does not know any programming language at all) this book is not for you. Kris assumes that you know at least a bit of C. He won't get into the details of what a pointer is. You should know that if you want to do reversing. If you don't, learn a bit of C first, and then come back to this book. So, it's important to judge the book by what it is. It's not an introduction to computers or programming. It is a VERY GOOD introduction to Reverse Engineering. Having said that, let's start! Pros --> Easy to follow, full of useful and updated [2008] information. You will really learn a lot from it if you don't know how to use debuggers/disassemblers. You will learn a bit IDA, OllyDBG, Hiew, and more than a bit of Soft-ICE. Also, you will learn how to get started with API monitors, profilers, etc. <br /> <br />Cons --> The book has a few not-so-important errors, but you will catch'em if you are awake. The translation is not the best, and sometimes the words are mixed up a bit. <br /> <br />One caveat: I skip everything related to Unix/Linux because I do not rev-eng on those platforms. So, I will speak only about Windows chapters. <br /> <br />Chapter 1: it introduces the "tools of the trade" very well. It's really worth reading because knowing what tools are out there and what they can do for you will save a lot of time when reversing. API monitors and profilers are worth using if you want to get to the point fast. Reverse Engineering is not hard, what is hard sometimes is to find the exact piece of code that you need to reverse/change. Monitors and spies will help you to find those points faster. <br /> <br />Chapter 3: speaks about virtual machines and emulators. Excellent introduction to this area. Some programs (virus, trojans or any malware) may infect your computer. What could be better than having a virtual machine where you can try everything without fear? This is the point of the chapter. Differences between virtualization software. By the way, I personally use Virtual Box and I prefer it over VMWare. Reason? Speed! The startup-time of a frozen machin

This book is fantastic- one of a kind, by far :) Provided you've covered the basics, x86 assembly language- and C++, this book will teach you some of the absolute essential skills required in reversing commercial-level software. This book isn't a toy- it's the real thing, for serious programmers, researchers and experts in the field. It has a step by step introduction- and builds firmly upon previous chapters- covering various compilers; and how they generate serveral of the common constructs found in Higher Level languages. The section of Virtual Functions is a dime; combined with structures, arrays and many other important elements. A lot of work has gone into this book, and it definately shows. One reviewer gave this book a low rating, and claimed- "I had a no luck getting SoftICE to run correctly on Windows XP". That has got nothing to do with the author of the quality of this book. If you searched[..], you'll find there exists several patches you can get to make it run on Windows XP; IDA pro is availible commercially aswell, and dumpbin is provided with Visual Studio. It's an absolute winner for those wanting to go deeper into the core of computers/software.

The best part about this book is that besides all of the neat tricks it gives you, the layout is step-by-step. You can sit down with it using the CD and go through each exercise. I have recommended this book to all of my friends/co-workers that are either learning how to protect software they write to how to identify vulnerabilities in other programs. Knowing assembly helps, but this also presents it in a way that you can learn as you go.

First the good news: Very few books give a total picture of assembler code. Usually they are text books, but this is a real hands on book to learn lot of assembler structures. How does a programs laid out(executible file format), what library functions get statically linked, and how they are resolved, how does relocation works, how does loader loads etc., etc. You would find a long lasting knowledge from this book. IF YOU ARE A SYSTEM AND/OR KERNEL MODE PROGRAMMER, IT IS A MUST. But need to go thru the exercises...Bad news is that it seems like the examples are not tried out with MS visual studio 6.0. You will find the code generation is different, due to some inline library code (ie, strcmp() and others). It does have other mistakes in the programming, as well as in the text. Stack based code execution at the end of the book does not seem to do its job. But still it is an excellent book to read and go thru those examples to become fairly fluent with large assembler codes, and their working. WHEN THE INFORMATION BASE IS HUGE, LOOK FOR STRUCTURE, AVOID THE DETAIL UNTIL NEEDED, this is precisely this book follows. Nothing could be worse than ignorance, so go grab one !!!

I bought this book without my knowledge of the author. Its a quick read and spends the majority of the time explaining how to find programming structs in compiled code. Its aimed at windows and visual c++, and IDA Pro. With out much trouble I was able to follow along with linux, gcc, and objdump. If you are intrested in this subject, this book is a must.