Название: Heavy Wizardry 101: Shellcodes, Backdoors, Droppers, and Worms
Автор: David Martínez Oliveira
Издательство: No Starch Press
Год: 2026
Страниц: 522
Язык: английский
Формат: epub
Размер: 16.6 MB

Aspiring hackers will learn foundational programming in C and assembly languages from a veteran hacker and develop the skills to create their own hacking tools.

In hacker lore, heavy wizardry means code so close to the metal it feels like magic—crafted by those who truly understand how the machine works. Heavy Wizardry 101 is your apprenticeship in that art.

You’ll start with the foundations—computer architecture, memory, and the stack—before progressing to real-world programs: shellcode, backdoors, droppers, and worms (all built and tested in safe, contained environments). Each chapter provides complete, working code for four major architectures: x86_64, ARM, MIPS, and RISC-V, revealing the similarities and differences between them.

To get you there, this book will teach you about programming in C and assembly language (ASM). I would argue those are the only two languages a real hacker needs to know. Sure, you can get by for a while using scripting languages like Python or PowerShell, but ultimately that’s just script kid stuff. Certain real hacking skills, like reverse engineering, developing kernel-level rootkits, and some system-level programming, require the use of low-level languages. You could try a language like Go, Rust, or C++, but for the kinds of things we’ll be doing in this book, you’d likely end up with suboptimal (or unsafe) results, or be forced to use the language in a C-like way. In such cases, just using C is simpler and faster. As for ASM, there’s no substitute. When you need it, you need it. The bottom line is, if you really want to be a hacker, there’s no way around it: You have to learn C and ASM. That’s what this book is for.

At the lowest level, hacking is just like any other programming. To prove it, this book will teach you C and ASM fundamentals while showing you how to develop your own hacking tools from scratch. You’ll write a traditional “Hello, world!” program, then turn it into a basic shellcode with just a few small changes. You’ll learn how to use functions, and how to exploit them with buffer overflow attacks. You’ll code a simple read–evaluate–print loop (REPL), and use it to control a botnet. Finally, you’ll develop a real, working worm ... or should I say, a “mobile agent.” As you’ll see, all the tools you’ll create in this book have perfectly legitimate purposes, too.

You’ll learn how to:

Follow code from human-readable C down to raw assembly and opcodes
Adapt tools across architectures for maximum portability
Strip away compiler overhead to write smaller, faster binaries
Work confidently without relying on fragile, cutting-edge tools that can quickly become obsolete or change with new versions

Whether you’re an aspiring hacker, a security researcher, or a systems programmer, this book will give you the knowledge to not just run tools, but create them and understand exactly how and why they work.

"Heavy Wizardry 101 is a well-organized and accessible introduction to low-level programming in assembly for Linux, crafting multi-stage shellcode loaders, network and binary tools, and ELF binaries using only standard, open-source GNU command-line tools." —Sergi Àlvarez i Capilla (aka pancake), Author of radare2