After an extended delay, we’ve finally reviewed our next book for #TripwireBookClub. This time around, we looked at Practical Binary Analysis written by Dennis Andriesse and published by No Starch Press.

This book is a deep dive into binary analysis, and I think that it’s best just to quote the opening paragraph of the book’s preface: “Binary analysis is one of the most fascinating and challenging topics in hacking and computer science. It’s also one of the most difficult to learn, and this is in no small part because of the lack of available information on the subject.” I couldn’t agree more with this statement. I wish that a book like this had been available when I was getting into computer security. It fills in a lot of the missing pieces of information.

Here’s what others in #TripwireBookClub had to say about this book:


Practical Binary Analysis by Dennis Andriesse explores several topics of binary analysis. Andriesse created a book that is full of details and allows the reader to follow along with examples. The book starts readers off with an explanation of the ELF format by describing the header and the fields within the header. Readers will then learn about the PE format and some of the differences between the ELF format and the PE format. In chapter four of the book, Andriesse demonstrates the ability to create a binary loader by using the Binary File Descriptor library. This book covers many aspects of binary analysis and allows a reader to determine the differences between certain analysis methods as well as the benefits of dynamic disassembly over static disassembly. The binary analysis techniques covered in this book are binary instrumentation, dynamic taint analysis, and symbolic execution. This book is definitely worth a read.

Rating: 5/5

– Andrew Swoboda, Senior Security Researcher