CHAPTER 10: Static Analysis
In Part I, “Arm Assembly Internals,” you learned about the most common instructions you will encounter in disassembly. Now it is time to apply that knowledge and learn how to analyze the program flow of a binary. The examples you will see in this chapter are simple and easy to follow, and going over them in detail will help you connect the dots between the bits and pieces you have already learned.
But what is static analysis? The term static analysis has a different meaning depending on who you ask. There is, however, one characteristic everyone agrees on: it is the analysis of a file in its static form, without any execution. In this chapter, static analysis refers to the low‐level analysis of a binary.
Static analysis is the precursor of dynamic analysis. To inspect a program during its execution, you need to understand its basic properties first. After all, you need to know the environment and resources a program needs for execution. Light static analysis helps you prepare the right environment and tools to analyze a file based on its file type and understand its structure based on its file format.
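The "light" static analysis described above starts with the file format: for an ELF binary, the header alone tells you the class, byte order, object type, target ISA (for example Arm or AArch64) and entry point, which decides the toolchain, emulator or device you need before any dynamic analysis. The following header parser is an added example and not code from the book; the sample headers it constructs are synthetic and not taken from any real binary.

```python
import struct

# ELF identification values from the ELF specification (e_ident and header fields)
ELF_MAGIC = b"\x7fELF"
ELFCLASS = {1: "ELF32", 2: "ELF64"}
ELFDATA = {1: "little-endian", 2: "big-endian"}
E_TYPE = {1: "REL (relocatable)", 2: "EXEC (executable)", 3: "DYN (shared object or PIE)", 4: "CORE"}
E_MACHINE = {3: "x86", 40: "Arm (32-bit)", 62: "x86-64", 183: "AArch64"}


def parse_elf_header(data: bytes) -> dict:
    """Recover a binary's basic properties (class, endianness, type, ISA, entry) from the ELF header alone."""
    if len(data) < 52 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in ELFCLASS or ei_data not in ELFDATA:
        raise ValueError("unknown ELF class or data encoding")
    end = "<" if ei_data == 1 else ">"  # multi-byte fields use the byte order declared in e_ident
    # e_type, e_machine and e_version follow the 16-byte e_ident; the width of e_entry depends on the class
    e_type, e_machine, _version = struct.unpack_from(end + "HHI", data, 16)
    if ei_class == 2:
        if len(data) < 64:
            raise ValueError("truncated ELF64 header")
        (e_entry,) = struct.unpack_from(end + "Q", data, 24)
    else:
        (e_entry,) = struct.unpack_from(end + "I", data, 24)
    return {
        "class": ELFCLASS[ei_class],
        "data": ELFDATA[ei_data],
        "type": E_TYPE.get(e_type, f"unknown ({e_type})"),
        "machine": E_MACHINE.get(e_machine, f"unknown ({e_machine})"),
        "entry": e_entry,
    }


def build_sample_header(elf64: bool, e_machine: int, e_type: int) -> bytes:
    """Constructed little-endian sample header for demonstration; not taken from any real binary."""
    e_ident = ELF_MAGIC + bytes([2 if elf64 else 1, 1, 1, 0]) + bytes(8)
    # fields: e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags, e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    if elf64:
        return e_ident + struct.pack("<HHIQQQIHHHHHH", e_type, e_machine, 1, 0x1040, 64, 0, 0, 64, 56, 1, 64, 0, 0)
    return e_ident + struct.pack("<HHIIIIIHHHHHH", e_type, e_machine, 1, 0x10400, 52, 0, 0, 52, 32, 1, 40, 0, 0)


if __name__ == "__main__":
    for sample in (build_sample_header(True, 183, 3), build_sample_header(False, 40, 2)):
        print(parse_elf_header(sample))
```

On a real file, read its first 64 bytes and pass them to parse_elf_header; a non-ELF input (such as a PE file starting with "MZ") is rejected rather than misread.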
Often, gathering information about a file's basic properties isn't enough to continue with the dynamic analysis stage. In these cases, you need to identify the points in the code where you need to watch it interact with the system to gain a deeper understanding of its functionalities. For example, if a malicious binary performs network tasks, decrypts data, ...