Binary Analysis Cookbook: The Process and Working with Packt

Hello to you, yes you, reading this blog. Thank you for stopping by and I apologize for going silent for a while. Life has been busy in one way or another and unfortunately, this was one area that suffered. Thank you for understanding and please read on.

At the end of 2018, I received a LinkedIn message from someone at Packt Publishing inquiring whether I would have any interest in writing a book for them. Naturally, and partly due to my lack of knowledge or experience with the process, I was a bit skeptical. I replied to the e-mail and said I would be interested in finding out more, all while nearly simultaneously I reached out to Packt via their web contact form to verify this person was who she said she was. I mean after all, this kind of thing doesn't normally happen to me and I have done what I can to regain some of my public anonymity following a career in broadcast television.

So, Packt responded a week or two later and confirmed this was a legitimate request, and that they really did want me to write a book on this topic. Of course imposter syndrome started to settle in a bit and I began doubting my ability to commit to such a project. I had just wrapped up a Java class at the local community college to increase the breadth of my skill set in Application Security and was already registered for the second class in that series. Surprisingly enough as a side note, I really enjoyed learning Java. Knowing that life was going to get busier as my kids were both about to start school next year, I really had to be respectful of my time to commit to side projects, so I conferred with my wife to make sure I would be able to commit to this knowing it could take a whole year to complete a project like this. Needless to say, I wound up not taking Java II and agreed to work on this for Packt. Writing a book has been a proverbial "bucket list" item for a while, but I had imagined my first book would be a self-help book for couples dealing with grief due to loss of a child or loved one. Alas, I am glad it's not up to me.

The first part of the process involved signing a contract and reading through some legal language with my lawyer to make sure there was minimal risk to me. After we agreed it was a pretty typical contract, I signed it. No turning back now! Next, I needed to come up with an outline and as I was submitting outline drafts on the topic, Packt wanted me to work specific subtopics into the book. I was hesitant at first but then got over it and agreed to cover those topics from a high-level view. After all, I wanted this book to challenge me to expand my own knowledge on this topic and not just focus on what I already knew, or already had experience with. Plus, given the topic Packt wanted me to cover, I get to share my passion for Intel Assembly on Linux with others! That's a big win in my opinion regardless of how well the book sells. During the outline process, I had to see if there were any other books on the topic. At the time I started this process there was only one and it was published by Packt. I asked some friends what they would want to read on this topic, what was missing from their skill set. The biggest comment I received was that there was not enough beginner-friendly material for those wanting to dive into binary analysis, or disassembling binaries. This sparked an idea.

I altered the outline draft again, and sent it to Packt with an explanation based off of my friends' feedback. Now, whether their statements were true or not doesn't matter, but it did give me the idea to work through another passion of mine through this book. That other passion is to help newcomers to the industry get the foundational skills needed to move onto more advanced subtopics within whatever area I am mentoring them through. Packt was more than on board, which was a big deal in my opinion. A month or so went by, Christmas, New Year's Day, a few e-mails were exchanged, the outline was tweaked and by early to mid January 2019, I put the first words down. Initially I was confused about the format so after submitting the first chapter draft, Packt gently corrected my formatting and provided a style guide document. This was a tremendous help in making sure each chapter fit the "cook book" style.

Earlier in this post, I mentioned I wanted to be sure this project didn't interfere with my other duties around the house. After all, Husband and Father are two roles I take very seriously and 2019 would challenge both of those while tackling this project. On one hand we were dealing with some additional medical challenges with one of our kids who has already had enough medical challenges to last a lifetime and she's only 7. She's had more surgeries than her age and this next challenge would prove to be a trying time for her and for my family. Whenever I take on a project, I usually work on that project between 5:00 am and 8:00 am before work, go to work, and make sure that when I'm home, work stays at work and my family gets the remainder of my time and energy in the evenings. So, that's the schedule I pretty much kept up until the book was published, even while traveling for work. The next challenge that occurred was that I lost one of my best friends and coworker, Joe Blackshaw. Despite his own medical challenges, Joe was one of my biggest supporters in this endeavor and it was an easy decision to dedicate this book to him since he passed away before it was completed. Joe was a heck of a guy and friends like him are extremely rare. On top of that, Joe passed on the same day as one of my sons. That day has one more person tied to it now and I know Uncle Joe is hanging out with Joshua in a much better place.

By this point in the process, I was several chapters in, had made several edits, and did my best to get a full night's sleep while balancing this project with family, a new job, loss, and the challenges of life in general. I'm a firm believer that we have an unseen enemy trying to wreak havoc in our lives daily and this year was one of those challenging years for my family and me personally. Still, I also believe in persevering through challenges and seeing projects through to completion and I am thankful for my friends and family who supported us through everything this year. Packt also was very great to work with and, whenever they wanted to move the deadline up, understood my reasons for keeping the deadline we originally agreed upon.

I submitted the last chapter at the end of August after making several changes and edits based on Packt's feedback and initial review. The person in charge of the project changed several times during the year but I was always greeted by the new person with such a friendly and kind demeanor. It was really awesome. Packt was incredibly encouraging as well as we discussed changes to the original draft. I did my best to be as flexible as possible too, as long as it didn't take away from being a beginner friendly book. Overall, I really enjoyed the experience and would gladly write another book for them in the future.

One caution I was given early on was to not take a payment "advance", essentially a loan. I'm not a fan of debt anyways, so I was glad the contract was not set up like this. There was a payment up front for submitting so many drafts, and then royalties collected for each sale. Not knowing how this works, it seemed like a fair payment allocation and I was more than OK with it. I would be more than happy to write another book for Packt some day. I'm a consumer of some of their books, especially the Python books, and was more than pleased with the process, and the final product.

If you're interested in Binary Analysis, please pick up the book. I made it beginner friendly so that you could come in with very little knowledge on the topic. By the end of the book you'll have the skills and knowledge to tackle more complex books on the topic that will take you deeper. There are now three books on the market, including my own, that dive into Binary Analysis. The one I wrote should serve you well if you choose to read through the other two.


You can pick up a copy of Binary Analysis Cookbook on Packt's website or Amazon at the links below. If you choose Amazon, I encourage you to purchase it through Amazon Smile so that portions of the purchase go to a charity of your choice.

Amazon Smile URL: https://smile.amazon.com/Binary-Analysis-Cookbook-Actionable-disassembling/dp/1789807603/ref=sr_1_1?keywords=binary+analysis+cookbook&qid=1570647340&sr=8-1

Packt Publishing URL: https://www.packtpub.com/security/binary-analysis-cookbook

If you do decide to pick up a copy, excellent, thank you. Please leave feedback. Your input is important to me and the more constructive the better. I am always striving to improve what I do and how I can give back to this community. I appreciate any comments or feedback you are willing to leave.
