Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Ghidra Software Reverse Engineering for Beginners
  • Table Of Contents Toc
  • Feedback & Rating feedback
Ghidra Software Reverse Engineering for Beginners

Ghidra Software Reverse Engineering for Beginners

By : A. P. David
4.6 (8)
close
close
Ghidra Software Reverse Engineering for Beginners

Ghidra Software Reverse Engineering for Beginners

4.6 (8)
By: A. P. David

Overview of this book

Ghidra, an open source software reverse engineering (SRE) framework created by the NSA research directorate, enables users to analyze compiled code on any platform, whether Linux, Windows, or macOS. This book is a starting point for developers interested in leveraging Ghidra to create patches and extend tool capabilities to meet their cybersecurity needs. You'll begin by installing Ghidra and exploring its features, and gradually learn how to automate reverse engineering tasks using Ghidra plug-ins. You’ll then see how to set up an environment to perform malware analysis using Ghidra and how to use it in the headless mode. As you progress, you’ll use Ghidra scripting to automate the task of identifying vulnerabilities in executable binaries. The book also covers advanced topics such as developing Ghidra plug-ins, developing your own GUI, incorporating new process architectures if needed, and contributing to the Ghidra project. By the end of this Ghidra book, you’ll have developed the skills you need to harness the power of Ghidra for analyzing and avoiding potential vulnerabilities in code and networks.
Table of Contents (20 chapters)
close
close
1
Section 1: Introduction to Ghidra
6
Section 2: Reverse Engineering
12
Section 3: Extending Ghidra

Summary

In this chapter, you learned how to use Ghidra to automatically audit program binaries to hunt for bugs on them. We started scripting to look for vulnerable functions in the symbols table, then we continued by looking for the callers of those functions, and, finally, we analyzed the caller functions to determine whether those functions are vulnerable or not.

You learned how to script a binary auditing process using Ghidra and how to do so using PCode and its benefits. You also learned why PCode cannot entirely substitute for assembly language in manual analysis.

In the next chapter of this book, we will cover how to extend Ghidra using plugins. We mentioned this in Chapter 4, Using Ghidra Extensions, but this topic deserves special mention because it allows you to deeply extend Ghidra in a powerful way.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY