سلام؛

هرگاه کتابی مرتبط با حوزهء امنیت نرم افزار منتشر شد ، عنوان و مشخصات و مختصر و چکیده ای از محتوای کتاب به این Thread اضافه خواهد شد .

----

Windows NT/2000 Native API Reference
مرجع جامع توابع کرنل ( سطح کاربر و سطح کرنل ) همراه با مثال و کدهای اجرائی





Windows NT/2000 Native API Reference is absolutely unique. Currently, documentation on WIndows NT's native APIs can only be found through access to the source code or occasionally Web sites where people have chosen to share bits of insight gained through reverse engineering. This book provides the first complete reference to the API functions native to Windows NT and covers the set of services that are offered by Windows NT to both kernel- and user-mode programs. Ideal for the intermediate and advanced level user- and kernel-mode developers of Windows systems, this books is devoted to the NT native API and consists of documentation of the 210 routines included in the API. Also included
are all the functions added in Windows 2000.


کتابی برای مطالعه کردن نیست ؛ ولی به عنوان یک مرجع باید در دسترس باشه .

----

Undocumented Windows NT
مرور اجمالی معماری ویندوزهای مبتنی بر NT همراه با بررسی اجزاء امنیتی این محیط . نویسندگان این کتاب اولین نقطه ضعف امنیتی ویندوز رو که به Privilage Scalation منجر میشد کشف کرده اند و کتاب واقعا" با ارزش و خواندنی است هر چند که انگلیسی اش افتضاح است ( هر سه نویسنده اش هندی هستند و گویا ادیتور هم از بیخ عرب بوده )













Dissects the Win32 interface, deconstructs the underlying APIs, and deciphers the Memory Management architecture to help you understand operations, fix flaws, and enhance performance. Uncovers both the strengths and weaknesses, and reveals how you can
make any Windows NT system more stable and secure






----

Undocumented Windows 2000 Secrets
احتمالا" بهترین کتاب امنیتی ست که تا بحال منتشر شده ، با بررسی عمیق عملکرد کرنل ویندوز و اجزاء اصلی اون . مطالعه اش برای کسانی که به توسعه Kernel Driver فکر میکنند ضروریه .





In the days of DOS and Windows 3.x, several knowing authors wrote books about undocumented features about these operating systems - essential details for programmers accidentally or intentionally missing from the original Microsoft documentation. This tradition continued when Windows 3.11 evolved into Windows 95 and its successors. However, when the first usable Version of Windows NT (Version 3.5) surfaced in 1995, none of the renowned writers of "undocumented" books took any notice.


It lasted until 1999, until the first "Undocumented Windows NT" book was finally published by Prasad Dabak, Sandeep Phadke, and Milind Borate from India. The next leap forward was Gary Nebbett's "Windows NT/2000 Native API Reference" (2000), comprehensively documenting an essential subset of the NT kernel's huge, but largely undocumented, programming interface. My book "Undocumented Windows 2000 Secrets" is intended to be one more piece in this mosaic.





My main intention in writing this book was to lead the readers through some of the basic, but hidden, mechanisms of the Windows 2000 and NT 4.0 kernel with the help of detailed sample code. My point of view is that a programmer always gets the most thorough understanding of an operating system by experimenting with it. The sample programs discussed in my book and packed onto the book's companion CD should serve as starting points for further exploration, and the text surrounding them provides the necessary theoretical background needed to get started.
I would be the happiest man on earth if my book would spur the inquiring minds of developers everywhere, kicking off an avalanche of research that unveils all mysteries that still surround most parts of the Windows NT/2000 kernel. I never believed that treating the operating system as a black box was a good programming paradigm. And I still don't believe it.










----

Reversing: Secrets of Reverse Engineering
مقدمات مهندسی معکوس نرم افزار - اشکالات فنی کتاب نشون میده نگارنده و ویراستاران فنی افراد چندان با سوادی نبوده اند اما شکل و قالب کتاب برای جهت گیری و آشنائی با فضا و محیط بحث مناسبه و میشه از نواقصش چشمپوشی کرد .





Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various
applications of reverse engineering, this book provides readers with practical, in-depth techniques for software reverse engineering. The book is broken into two parts, the first deals with security-related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third-party software library to improve interfacing and how to reverse engineer a competitor's software to build a better product.
* The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products
* Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy-protection schemes and identify software targets for viruses and other malware
* Offers a primer on advanced reverse-engineering, delving into "disassembly"-code-level reverse engineering-and explaining how to decipher assembly language

----

ادامه دارد ...