VnutZ Domain
Copyright © 1996 - 2017 [Matthew Vea] - All Rights Reserved

2017-05-03

Programming and Security Resources


Over the years, my bookshelf has amassed quite a tonnage of programming and security books. It may take a bit, but I will update this list time permitting.

Subversive Programming

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System by Bill Blunden

ISBN - 978-1449626365

This is an advanced programming book that assumes its reader is well experienced. Even if developing rootkits is not your intention, the book provides an excellent overview of the processor, the underpinnings of Windows, how debuggers work at the hardware level, and the fundamentals of live patching code. Naturally, the volume features many proof-of-concept examples in C and case studies of real world rootkits.


Debugging and Reverse Engineering

Advanced Windows Debugging by Mario Hewardt

ISBN - 978-0321374462

This book goes beyond simply debugging your Windows application; it guides a developer through using WinDbg to trace calls into the Windows kernel itself. It assumes an advanced reader who already understands debuggers and fundamental Windows architecture while addressing more arcane topics such as crash dumps and tracing through multi-threaded challenges.

Art of Debugging with GDB, DDD and Eclipse by Norman Matloff and Peter Salzman

ISBN - 978-1593271749

Obviously a knowledge of WinDbg limits a developer to the Windows platform. This book opens the doors to freely available debuggers for Linux. It is primarily an introduction but includes enough information to debug most common issues using these tools.

IDA Pro Book by Chris Eagle

ISBN - 978-1593272890

When it comes to using IDA Pro, the premier reversing tool, this book is an essential reference. This is not just an introductory text; it covers scripting, obfuscation, extensions, and just about every feature of the software for most of the challenges a reverse engineer will face.

Reversing: Secrets of Reverse Engineering by Eldad Eilam

ISBN - 978-0764574818

Reverse engineering entails more than simply running binaries through a debugger. This tome covers file formats, packers, unwinding byte code compilation to source, and the assortment of available tools.


Hardware

80386 System Software Writer's Guide by Intel

ISBN - 978-1555120238

Fully understanding protected mode programming requires going back to the origin - the Intel 386 microprocessor. Back in the day, Intel produced countless texts fully detailing the implementation of their new chip designs and features in order to generate substantial buy-in with industry. Even today, thirty years later, those texts still represent some of the best documentation on the underlying hardware.


IA-32 Intel Architecture Software Developers Manual Volume 2A and IA-32 Intel Architecture Software Developers Manual Volume 2B by Intel

ASIN - B000TZ0EAM and B002NBM1RY

These are essentially must-have volumes for any reverse engineer or assembly language programmer. Published by Intel, these books document every instruction and opcode format for the 32-bit Intel architecture.


Assembly Language

The Art of Assembly Language by Randall Hyde

ISBN - 978-1593272074

Many consider this book the ultimate primer on ASM. It differs from most books in taking an approach towards what Randall Hyde calls HLA - High Level Assembly. HLA takes the concepts of higher level languages and applies those constructs into the low level language itself to make programming and reading it much cleaner and clearer. The only disadvantage to this approach is that ... it's quite literally the only place I've ever seen it done that way. Reverse engineers will still need to understand primitive assembly language anyway.

Assembly Language: Step by Step Programming with Linux by Jeff Duntemann

ISBN - 978-1593272074

As few assembly language books as there are in the wild, even fewer focus on developing in a Linux environment. This book focuses on developing using NASM and includes 16bit, 32bit, and 64bit subjects. It spans the entire scope of programming and is well suited for those who already know what they're doing and seek a syntax guide with examples. At the conclusion, the book integrates Assembly with C, leaving you prepared for diving into system code.

Introduction To 80X86 Assembly Language And Computer Architecture by Richard C. Detmer

ISBN - 978-1284036121

This book is literally a complete course in Assembly programming using a modern environment. It focuses on using the Microsoft Visual Studio 2012 IDE, compiler, and Windows development libraries with a complete suite of updated examples. Additionally, the book is fully up to date covering modern CPU architecture with an emphasis on the latest 64bit instructions and extensions.

Mastering Turbo Assembler by Tom Swan

ISBN - 978-0672305269

This is quite an ancient tome on Assembly from the mid-90s. Judging the book by its cover, it seems quite irrelevant based on the TASM syntax and 16bit Real Mode constructs. From a learning perspective, however, the TASM syntax bore significant influence over the development of NASM for syntax and the book itself covers many fundamental coding practices that are true regardless of the architectural era.

X86 Assembly Language and C Fundamentals by Joseph Cavanagh

ISBN - 978-1466568242

Easily one of the most expensive books on Assembly language available, it is definitely comprehensive. It is not entirely meant as a "pure" Assembly book but rather one that discusses using both C and Assembly to complement one another. As is necessary for a true understanding of the language, a good portion of the book dives into the hardware to make the connection between opcodes and what happens at a chip level.

x86 Disassembly: Exploring the relationship between C, x86 Assembly, and Machine Code by Various Authors

ISBN - 978-1466346055

This is a physical compilation of material already found on-line via WikiBooks. If you're the type of person that simply likes the convenience of a hardcopy rather than swapping between screens, that is the value of this reference. There is no "learning" from this book and its format as a compilation of wiki material makes it seem discombobulated. However, as a reference guide linking between instructions and opcodes it serves its purpose well.


Linux Development

Linux Application Development by Michael Johnson and Erik Troan

ISBN - 978-0321219145

This book is dated for the 2.6.x kernels; however, the principles behind applications riding atop the kernel are fairly agnostic. Despite its age, as a reference for Linux application philosophy, this book serves its purpose cleanly and concisely.

Linux Programming Interface by Michael Kerrisk

ISBN - 978-1593272203

This tome is essentially the definitive guide to Linux development. It outlines virtually the entire API through system calls and libraries with countless code examples. Additionally, the book focuses on UNIX standards which help to maximize code portability between distributions and UNIX variations.

Linux Device Drivers by Jonathan Corbet

ISBN - 978-0596005900

Even dated Linux books, a decade or more old, are still valuable. The fundamental design of a basic Linux device driver has not changed much over the years despite the advances in the kernel. In conjunction with understanding the kernel, understanding the integration of device drivers is crucial for understanding development for the total system.

Linux Kernel Architecture by Wolfgang Mauerer

ISBN - 978-0470343432

It's "ancient" by Linux standards, dating from 2008 and addressing the 2.6.x kernel version. However, when it comes to studying operating system design and implementation, as a hardcopy reference, the book is an excellent glimpse into what Linux used to look like along with discussions on the decisions behind those implementations.

Linux Kernel Module Programming Guide by Ori Pomerantz

ISBN - 978-0595100422

This is a compilation of material already found on-line. At this point, the on-line material is far more up to date and relevant. If you're the type of person that simply likes the convenience of a hardcopy rather than swapping between screens, that is the value of this reference.

Linux Kernel Development by Robert Love

ISBN - 978-0672329463

Also very dated by Linux standards, this book is from 2010 and addresses the 2.6.x kernel version. It focuses less on the architectural design of Linux and quickly dives into topics and examples more pertinent to kernel developers.


Windows Development

Developing Drivers with the Windows Driver Foundation by Penny Orwick and Guy Smith

ISBN - 978-0735623743

There are many different paradigms to developing drivers. In this book, the Windows Driver Foundation serves as the base model. As per many of the low-level system programming books, this one is irrelevant to the general programmer as it really only pertains to a system developer.

Programming Win32 Under the API by Pat Villani

ISBN - 978-1578200672

This book is very dated and never received great reviews. The most useful difference between this Win32 API introduction and others is that it utilized free and open source tools for all of its examples and compilation without relying on Visual Studio.

Windows 2000 Device Driver Book by Art Baker and Jerry Lozano

ISBN - 978-0130204318

The Windows Driver Model (WDM) is a much older paradigm, but the information is still very relevant. In many cases, there are no better ways to learn how a system works than how to integrate new code into it and utilize the available APIs. Despite the older information, it provides a foundation of where the Windows kernel was which helps to frame where it is now. And in many cases, there are always ways to squeeze legacy techniques into new systems that depend on backward compatibility.

Win32 System Programming by Johnson Hart

ISBN - 978-0201703108

The predecessor to Windows System Programming, this book shows an earlier era of Windows programming. Although, like other older volumes, it is perhaps not as relevant to modern systems, there is always value in understanding the history of the API and the older development models.


Windows Internals Volume 1 and Windows Internals Volume 2 by Mark Russinovich

ISBN - 978-0735648739 and ISBN - 978-0735665873

These two volumes dive deep into how the modern Windows architecture works. Developers looking to simply make Windows applications do NOT need this level of detail. But if device drivers or malware are the build target, these volumes are a necessity to understanding the underlying system.

Windows NT/2000 Native API Reference by Gary Nebbett

ISBN - 978-1578701995

Sitting beneath the Win32 API is the kernel's direct API. These functions are barely documented and many have gone undocumented for years. At that low level they are never guaranteed to maintain their calling conventions, let alone even survive between Windows versions. This book remains one of the most comprehensive aggregations about the interface to these functions.

Windows NT Win32 API Superbible by Richard Simon

ISBN - 978-1571690890

Although very dated in that it covers the Win32 API as of the Windows NT and Windows 95 days, those API calls represent the bulk of the functions one needs to develop general Windows applications. While these functions, along with all the newer ones, can be found in the MSDN libraries, it is often much simpler to have a hardcopy reference.

Windows System Programming by Johnson Hart

ISBN - 978-0321657749

All novice Windows programmers will benefit from this book. Although the title implies a deeper level of programming, the book really addresses all of the fundamental aspects a Windows application will deal with. It begins with a lot of general purpose requirements like file I/O, threads, process management and memory. It later dives into more advanced topics such as IPC, socket programming, performance enhancements, system services, and application security.

Windows via C/C++ by Jeffrey Richter and Christophe Nasarre

ISBN - 978-0735624245

This book complements the Windows Internals series with practical code examples in a real language - C. It includes sections on process and thread management, memory, DLLs (to include basic injection examples), and structured exception handling.

