Vacationing with the Vampire in Hallow's Cove
معرفی کتاب «Vacationing with the Vampire in Hallow's Cove» نوشتهٔ Antonio Nappa، Eduardo Blazquez، Nikias Bassen، Dr. Javier Lopez-Gomez و Lyonne Riley، منتشرشده توسط نشر anonymous در سال 2025. این کتاب در فرمت epub، زبان انگلیسی ارائه شده است.
Find security flaws in any architecture effectively through emulation and fuzzing with QEMU and AFL Purchase of the print or Kindle book includes a free PDF eBook Key Features Understand the vulnerability landscape and useful tools such as QEMU and AFL Explore use cases to find vulnerabilities and execute unknown firmware Create your own firmware emulation and fuzzing environment to discover vulnerabilities Book Description Emulation and fuzzing are among the many techniques that can be used to improve cybersecurity; however, utilizing these efficiently can be tricky. Fuzzing Against the Machine is your hands-on guide to understanding how these powerful tools and techniques work. Using a variety of real-world use cases and practical examples, this book helps you grasp the fundamental concepts of fuzzing and emulation along with advanced vulnerability research, providing you with the tools and skills needed to find security flaws in your software. The book begins by introducing you to two open source fuzzer engines: QEMU, which allows you to run software for whatever architecture you can think of, and American fuzzy lop (AFL) and its improved version AFL++. You'll learn to combine these powerful tools to create your own emulation and fuzzing environment and then use it to discover vulnerabilities in various systems, such as iOS, Android, and Samsung's Mobile Baseband software, Shannon. After reading the introductions and setting up your environment, you'll be able to dive into whichever chapter you want, although the topics gradually become more advanced as the book progresses. By the end of this book, you'll have gained the skills, knowledge, and practice required to find flaws in any firmware by emulating and fuzzing it with QEMU and several fuzzing engines. What you will learn Understand the difference between emulation and virtualization Discover the importance of emulation and fuzzing in cybersecurity Get to grips with fuzzing an entire operating system Discover how to inject a fuzzer into proprietary firmware Know the difference between static and dynamic fuzzing Look into combining QEMU with AFL and AFL++ Explore Fuzz peripherals such as modems Find out how to identify vulnerabilities in OpenWrt Who this book is for This book is for security researchers, security professionals, embedded firmware engineers, and embedded software professionals. Learners interested in emulation, as well as software engineers interested in vulnerability research and exploitation, software testing, and embedded software development will also find it useful. The book assumes basic knowledge of programming (C and Python); operating systems (Linux and macOS); and the use of Linux shell, compilation, and debugging. Table of Contents Who this book is for History of emulation Qemu from the ground Qemu Execution Modes and Fuzzing A Famous Refrain: AFL+QEMU = CVEs Modifying QEMU for basic instrumentation Real-life Case Study: Samsung Exynos Baseband Case Study: OpenWRT full system fuzzing Case Study: OpenWRT System Fuzzing for ARM Finally Here: iOS Full System Fuzzing Deus Ex Machina: Fuzzing Android Libraries Conclusion and Final Remarks Cover Title Page Copyright and Credits Dedications Forewords Contributors Table of Contents Preface Part 1: Foundations Chapter 1: Who This Book is For Who is this book for? Prerequisites A custom journey Getting a primer The utility belt Ladies and gentlemen, start your engines QEMU basic instrumentation OpenWrt full system emulation Samsung Exynos baseband iOS and Android Summary Chapter 2: History of Emulation What is emulation? Why is emulation needed? Differences between emulation and virtualization Emulation besides QEMU MAME Bochs RetroPie The role of emulation and virtualization in cybersecurity through history Anubis TEMU Ether The Cuckoo sandbox Commercial solutions – VirusTotal and Joe Sandbox Summary Chapter 3: QEMU From the Ground Approaching IoT devices with emulation Code structure QEMU emulation QEMU IR A deep-dive into QEMU architecture QEMU extensions and mods A brief example of Avatar2 PANDA Summary Part 2: Emulation and Fuzzing Chapter 4: QEMU Execution Modes and Fuzzing QEMU user mode QEMU full-system mode Fuzzing and analysis techniques The Rosetta Stone of program semantics Fuzzing techniques American Fuzzy Lop and American Fuzzy Lop++ Advantages of AFL and AFL++ versus my own fuzzer Fuzzing with AFL and AFL++ Fuzzing ARM binaries Summary Chapter 5: A Famous Refrain: AFL + QEMU = CVEs Is it so easy to find vulnerabilities? Downloading and installing AFL++ Preparing a vulnerable VLC instance VLC exploit Full-system fuzzing – introducing TriforceAFL Passing inputs to the guest system Summary Further reading Appendix Chapter 6: Modifying QEMU for Basic Instrumentation Adding a new CPU Emulating an embedded firmware Reverse engineering DMA peripherals Emulating UART with Avatar2 for firmware debugging – visualizing output Summary Part 3: Advanced Concepts Chapter 7: Real-Life Case Study: Samsung Exynos Baseband A crash course on mobile phone architecture Baseband Baseband CPU family Application processor and baseband interface A talk with Shannon A note on GSM/3GPP/LTE protocol specifications Setting up FirmWire for vulnerability validation CVE-2020-25279 – emulator fuzzing CVE-2020-25279 – OTA exploitation Summary Chapter 8: Case Study: OpenWrt Full-System Fuzzing OpenWrt Building the firmware Testing the firmware in QEMU Extracting and preparing the kernel Fuzzing the kernel Post-crash core dump triaging Summary Chapter 9: Case Study: OpenWrt System Fuzzing for ARM Emulating the ARM architecture to run an OpenWrt system Installing TriforceAFL for ARM Running TriforceAFL in OpenWrt for ARM Obtaining a crash Summary Chapter 10: Finally Here: iOS Full System Fuzzing A brief history of iOS emulation iOS basics What it takes to boot iOS Code signatures Plist files and entitlements Binaries compilation IPSW formats and research kernels Setting up an iOS emulator Preparing the environment Building the emulator Boot prepping Booting iOS in QEMU Preparing your harness to start fuzzing Triforce’s driver mod for iOS Summary Chapter 11: Deus Ex Machina: Fuzzing Android Libraries Introducing the Android OS and its architecture The Android architecture Fuzzing Android libraries with Sloth Introducing Sloth's mechanisms Introducing AFL coverage Running the ELF linker Running LibFuzzer Addressing issues with the Sloth fuzzing method Running Sloth Summary Chapter 12: Conclusion and Final Remarks Index Other Books You May Enjoy Exploring and Fuzzing IoT Firmware with Qemu will help security practitioners deal with the explosion of IoT devices and the amount of code to analyze. It will enable you to discover the flaws in any system before you have a breach!
دانلود کتاب Vacationing with the Vampire in Hallow's Cove