Dance with the Dragon
“A must-read for any reverse engineer.”—Max “Libra” Kersten
Developed through more than a decade of research within the NSA, Ghidra was created to address some of the most challenging reverse engineering problems faced by the US government. With its open source release, this formerly restricted tool suite is now freely available to cybersecurity practitioners, researchers, and students worldwide.
The Ghidra Book provides a clear, practical guide to understanding and using this powerful platform.
In addition to introducing core reverse engineering techniques for software and malware analysis, the book explains Ghidra’s key components, features, and support for extensibility and collaborative analysis. Beginning with the fundamentals and progressing to more advanced workflows, you’ll learn how to use Ghidra effectively and adapt it to new challenges.
You’ll learn how to:
- Navigate and interpret a disassembly
- Use Ghidra’s built-in decompiler to expedite analysis
- Analyze unfamiliar and obfuscated binaries
- Extend Ghidra to recognize new data types
- Build custom analyzers, loaders, and processor support modules
- Script Ghidra to automate analysis tasks
- Set up a collaborative reverse engineering environment
This fully revised second edition reflects the modern Ghidra platform as it is used in practice, with updated tooling, improved workflows, and hands-on real-world examples. Designed for beginners and experienced users alike, The Ghidra Book prepares you to tackle real reverse engineering problems with confidence.
New to this edition:
- Behavioral analysis with BSim
- Full Python 3 support via PyGhidra
- Enhanced debugging and graphing tools
- Modern container-based deployment