Chapter 3. Program Analysis

In the last chapter, we tried to illustrate the way a cracker might go about removing protection code from a program by walking you through an attack. That attack was typical in that the attacker combined a good knowledge of assembly code and a great deal of tenacity with some simple tools: a debugger, a decompiler, and a binary file comparison program.

In this chapter, we’re going to delve deeper into the design of the program analysis tools that an attacker might have at his disposal. They come in two flavors: static analysis tools that collect information about a program by studying its text but without executing it, and dynamic analysis tools that collect information from program runs. What’s interesting is that ...

Get Surreptitious Software now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.