3. Program Analysis

In the last chapter, we tried to illustrate the way a cracker might go about removing protection code from a program by walking you through an attack. That attack was typical in that the attacker combined a good knowledge of assembly code and a great deal of tenacity with some simple tools: a debugger, a decompiler, and a binary file comparison program.

In this chapter, we’re going to delve deeper into the design of the program analysis tools that an attacker might have at his disposal. They come in two flavors: static analysis tools that collect information about a program by studying its text but without executing it, and dynamic analysis tools that collect information from program runs. What’s interesting is that these ...

Get Surreptitious Software now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.