ANTICHAT: a forum on information security, OSINT and technology

06.06.2009, 09:12
Forum member
Registered: 23.05.2008
Posts: 121
Time spent on forum: 305110
Reputation: 133
I don't know about others, but I started with http://wasm.ru/publist.php?list=22 )) In my opinion it's the very first thing worth reading when you start learning )) Meditate... Meditate... Meditate ))

17.08.2009, 09:34
Newbie
Registered: 17.09.2007
Posts: 24
Time spent on forum: 52992
Reputation: 15
The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler by Chris Eagle
No source code? No problem. With IDA Pro, you live in a source code-optional
world. IDA can automatically analyze the millions of opcodes that make up an
executable and present you with a disassembly. But at that point, your work is
just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of
mnemonics into something you can actually use.
Hailed by the creator of IDA Pro as the "long-awaited" and "information-packed"
guide to IDA, The IDA Pro Book covers everything from the very first steps to
advanced automation techniques. While other disassemblers slow your analysis
with inflexibility, IDA invites you to customize its output for improved readability
and usefulness. You'll save time and effort as you learn to:
* Identify known library routines, so you can focus your analysis on other
areas of the code
* Extend IDA to support new processors and filetypes, making disassembly
possible for new or obscure architectures
* Explore popular plug-ins that make writing IDA scripts easier, allow
collaborative reverse engineering, and much more
* Utilize IDA's built-in debugger to tackle obfuscated code that would defeat
a stand-alone disassembler
You'll still need serious assembly skills to tackle the toughest executables, but
IDA makes things a lot easier. Whether you're analyzing the software on a black
box or conducting hard-core vulnerability research, a mastery of IDA Pro is crucial
to your success. Take your skills to the next level with The IDA Pro Book.
BOOK - h++p://depositfiles.com/files/iggt3z5li
Source code - h++p://depositfiles.com/files/3v6q97lg0

15.09.2009, 12:00
Newbie
Registered: 17.09.2007
Posts: 24
Time spent on forum: 52992
Reputation: 15
The Rootkit Arsenal
Bill Blunden
Paperback
908 Pages-© 2010
Part 1 Foundations
Chapter 1 Setting the Stage
Chapter 2 Into the Catacombs: IA-32
Chapter 3 Windows System Architecture
Chapter 4 Rootkit Basics
Part 2 System Modification
Chapter 5 Hooking Call Tables
Chapter 6 Patching System Routines
Chapter 7 Altering Kernel Objects
Chapter 8 Deploying Filter Drivers
Part 3 Anti-Forensics
Chapter 9 Defeating Live Response
Chapter 10 Defeating File System Analysis
Chapter 11 Defeating Network Analysis
Chapter 12 Countermeasure Summary
Part 4 End Material
Chapter 13 The Tao of Rootkits
Chapter 14 Closing Thoughts
With the growing prevalence of the Internet, rootkit technology has taken center stage in the battle between White Hats and Black Hats. Adopting an approach that favors full disclosure, The Rootkit Arsenal presents the most accessible, timely, and complete coverage of rootkit technology. This book covers more topics, in greater depth, than any other currently available. In doing so, the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.
Learn how to:
Hook kernel structures on multi-processor systems
Use a kernel debugger to reverse-engineer operating system internals
Inject call gates to create a back door into Ring-0
Use detour patches to sidestep group policy
Modify privilege levels on Windows Vista by altering kernel objects
Utilize bootkit technology
Defeat both live incident response and post-mortem forensic analysis
Implement code armoring to protect your deliverables
Establish covert network channels using the WSK and NDIS 6.0
Get it here:
http://rapidshare.com/files/278312487/0eEFi_aR_tee_odhroa0_lAMDwtBAT_n9r.rar.html

20.09.2009, 18:50
Forum member
Registered: 18.09.2009
Posts: 176
Time spent on forum: 462678
Reputation: 102
And still, learning asm on your own is very hard =(

20.09.2009, 18:52
Forum member
Registered: 18.09.2009
Posts: 176
Time spent on forum: 462678
Reputation: 102
No matter what the book is