Tuesday, June 26, 2012

Changing Blogs

After 6 years of blogging here at EM_386 I have decided to stop posting. Fortunately it is only so I can begin writing on the new LeafSR blog. I will be porting over a few of the better EM_386 posts as time permits but you can expect new content going forward.

In the past 6 years I've only logged 50 posts here but many of them still see dozens of page views a day. That is especially true of posts such as ELF Relocations Names and Symbols, WebKit CSS Type Confusion and GlibC 2.11 Stops the House of Mind. To this day I still get emails from people who read and appreciate the older posts. For that reason I will be leaving all the old content here unmodified. Hopefully someone will find it useful in the future.

Thanks again for reading and see you at the new blog!

Thursday, April 12, 2012

Practical Malware Analysis Review

I recently finished my review copy of 'Practical Malware Analysis'. I enjoyed this book for a few reasons. Each chapter concludes with some simple questions/labs to test your knowledge and give you a chance at some hands-on experience related to the content you just read.

Although the title leads you to believe it's strictly a malware analysis book, there's a lot of good content for any new reverse engineer. This is especially true for the static analysis sections. There are also two chapters in this book that I think help it really stand out among similar books: 'Chapter 20: C++ Analysis' and 'Chapter 21: 64-bit Malware'. None of the information in these chapters is new research, but as a beginner you would have to sort through dozens of research papers to find the same content. They are a great introduction to both topics.

If you analyze malware for a living or are just looking to understand how software reverse engineering works then you won't regret buying this book.

(I originally intended to post this over a month ago. Better late than never!)