This is the code repository for Ghidra Software Reverse-Engineering for Beginners, published by Packt.
Master the art of debugging, from understanding code to mitigating threats
This book is a comprehensive guide to using Ghidra for malware analysis, reverse engineering, and vulnerability detection. It covers everything from basic usage to advanced topics such as Ghidra plug-ins, kernel debugging, and binary diffing.
This book covers the following exciting features:
- Develop and integrate your own Ghidra extensions
- Discover how to use Ghidra in headless mode
- Extend Ghidra for advanced reverse-engineering
- Perform binary differencing for use cases such as patch and vulnerability analysis
- Perform debugging locally and in a remote environment
- Automate vulnerability detection in executable binaries using Ghidra scripting
If you feel this book is for you, get your copy today!
All of the code is organized into folders. For example, Chapter03.
The commands will look like the following:
```
C:\Users\virusito\Desktop\ghidra_9.0_PUBLIC\support>ghidraDebug.bat
C:\Users\virusito>tasklist /fi "IMAGENAME eq java.exe" /FO LIST | FIND "PID:"
C:\Users\virusito>netstat -ano | FINDSTR 3828
```
Following is what you need for this book: This book is for software engineers, security researchers, and professionals working in software development and testing who want to deepen their expertise in reverse engineering and cybersecurity. Aspiring malware analysts and vulnerability researchers will also benefit greatly. Prior experience with Java or Python and a foundational understanding of programming is recommended.
With the following software and hardware list you can run all code files present in the book (Chapter 1-18).
Chapter | Software required | OS required |
---|---|---|
1-18 | Ghidra 11.0.1 and Ghidra 11.2, Git, Java JDK 17 and 21, Gradle, Eclipse IDE for Java developers, MinGW32 and MinGW64, Elasticsearch | Windows, Mac OS X, and Linux (Any) |
A. P. David is a senior malware analyst and reverse engineer. He has more than 12 years of experience in IT, having worked on his antivirus product, and later as a malware analyst. David started working for a company mostly reverse engineering banking malware and helping to automate the process. After that, he joined the critical malware department of an antivirus company and then moved to a Galician research center while doing his malware-related PhD at the University of Vigo. He has also hunted vulnerabilities in software products like Microsoft's Windows 10 and the National Security Agency's Ghidra project. David is currently working as a senior malware analyst at Gen Digital Inc.
Ravikant Tiwari is a senior security researcher at Microsoft, where he works on Windows Defender and machine learning. He has over 13 years of experience in security research, reverse engineering, and binary exploitation. He has worked with leading companies such as McAfee, FireEye, Comodo, and Acronis, and has reversed and decrypted various complex malware. He is also a certified ethical hacker, a frequent speaker at security conferences such as RSA, and a patent holder in threat detection technology. He is passionate about AI, malware and cybersecurity.