Resources

This article was published on the 22nd of August 2018.

Additional resources that are useful are listed below. These resources are already incorporated in some way in this course, since I have used them before or during the making of this course.

  • An Assembly Language Introduction to Computer Architecture: Using the Intel Pentium by Karen Miller, released on the 29th of April 1999. ISBN-10: 019512376X or ISBN-13: 978-0195123760. This book starts off at the very beginning of the workings of the Intel 8080 CPU and ends with memory segmentation. The way a computer works with arithmetic and uses data structures is covered in great detail. Note that this book is quite old already; the copy I personally own is from before the year 2000. The age does not change the fact that the basis of a CPU is explained understandably and in great detail. Each chapter ends with a dozen questions which help the reader understand the matter in great detail.
  • RE4B by Dennis Yurichev, the book is still being updated and can be found here. Note that the book exists in multiple languages, which might be preferable. This book covers nearly every aspect that one can think of in three assembly architectures, compiled with multiple compilers. The architectures are Intel x86 and x86_64, ARM (all formats) and MIPS. The book provides a good understanding of all concepts that are discussed. There are also questions in the book, but there are no answers. One can e-mail the address on the website for help. Do note that the author asks readers not to publish the answers to the questions in the book, as people should solve these questions themselves rather than reading the solution somewhere.
  • Radare2Book by the Radare community, this book is also still being updated and can be found here. This book covers a lot of aspects of the Radare2 framework. Even though this course uses it quite a lot, there are dozens of features in Radare2 which have never been used in this course, which makes it an interesting read!
  • The Ghidra Book, written by Chris Eagle and Kara Nance, covers Ghidra’s usage extensively. It also provides insight into the inner workings of the tool, both when scripting and analysing. For more information, one can read my extensive review here. The book itself can be found here. The ISBN-13 equals 9781718501027.
  • Practical Malware Analysis, written by Michael Sikorski and Andrew Honig, covers malware analysis from the beginning. The examples in the book are dated (a VM with Windows XP is required in order to complete the exercises), but the concepts that are discussed are highly relevant. This book is a good guide, although the focus on paid tools makes it infeasible for those without the resources or licenses. The book can be found here. The ISBN-10 equals 1593272901 and ISBN-13 equals 978-1593272906.
  • The C Programming Language, written by Brian W. Kernighan and Dennis M. Ritchie, describes the foundation of the C language and provides insight into the how and why. Due to the low-level nature of C, it offers an interesting perspective on assembly language and pseudo C code, which is often offered by decompilers. All in all, an informative read filled with extensive examples. The book can be found here. The ISBN-10 equals 0131103628 and ISBN-13 equals 978-0131103627.

To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], or DM me on Twitter @Libranalysis.