Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the example code files
• Download the color images
• Conventions used
• Get in touch
• Share Your Thoughts

1. Part 1: Foundations

2. Chapter 1: Who This Book is For FREE CHAPTER

• Who is this book for?
• Prerequisites
• A custom journey
• Getting a primer
• Ladies and gentlemen, start your engines
• Summary

3. Chapter 2: History of Emulation

• What is emulation?
• Why is emulation needed?
• Emulation besides QEMU
• The role of emulation and virtualization in cybersecurity through history
• Summary

4. Chapter 3: QEMU From the Ground

• Approaching IoT devices with emulation
• Code structure
• QEMU emulation
• QEMU extensions and mods
• Summary

5. Part 2: Emulation and Fuzzing

6. Chapter 4: QEMU Execution Modes and Fuzzing

• QEMU user mode
• QEMU full-system mode
• Fuzzing and analysis techniques
• American Fuzzy Lop and American Fuzzy Lop++
• Summary

7. Chapter 5: A Famous Refrain: AFL + QEMU = CVEs

• Is it so easy to find vulnerabilities?
• Full-system fuzzing – introducing TriforceAFL
• Summary
• Further reading
• Appendix

8. Chapter 6: Modifying QEMU for Basic Instrumentation

• Adding a new CPU
• Emulating an embedded firmware
• Reverse engineering DMA peripherals
• Emulating UART with Avatar2 for firmware debugging – visualizing output
• Summary

9. Part 3: Advanced Concepts

10. Chapter 7: Real-Life Case Study: Samsung Exynos Baseband

• A crash course on mobile phone architecture
• Setting up FirmWire for vulnerability validation
• Summary

11. Chapter 8: Case Study: OpenWrt Full-System Fuzzing

• OpenWrt
• Building the firmware
• Fuzzing the kernel
• Post-crash core dump triaging
• Summary

12. Chapter 9: Case Study: OpenWrt System Fuzzing for ARM

• Emulating the ARM architecture to run an OpenWrt system
• Installing TriforceAFL for ARM
• Running TriforceAFL in OpenWrt for ARM
• Obtaining a crash
• Summary

13. Chapter 10: Finally Here: iOS Full System Fuzzing

• A brief history of iOS emulation
• iOS basics
• Setting up an iOS emulator
• Preparing your harness to start fuzzing
• Triforce’s driver mod for iOS
• Summary

14. Chapter 11: Deus Ex Machina: Fuzzing Android Libraries

• Introducing the Android OS and its architecture
• Fuzzing Android libraries with Sloth
• Summary

15. Chapter 12: Conclusion and Final Remarks

16. Index

• Why subscribe?

17. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book