Code when is provided in executable form still can be attacked for various reasons (reverse engineering, for skipping input validations, for making high scores in games). If you work on commercial products you should at least know what kind of threats are possible in relation to your code.
Reverse engineering is a process of knowledge extraction from executable code.
Output of this process can be:
- ASM code
- high-level code (C/C++)
- algorithm high-level design
Protecting your code
- Basics of Executable Code Obfuscation
- An Anti-Reverse Engineering Guide - Josh Jackson, 2008
- Windows Anti-Debug Reference - Nicolas Falliere, 2007
Executable packing tools
Executable code can be packed to make it more difficult to reverse engineer your application. It makes it also smaller.
Hooks can be used to simulate some actions or to hide events from application. They can also be intercepted and modified before sending to target application.
DLL injection is a process of replacing DLL used by application with own copy of DLL which simulates it but also implements additional features - for breaking application's protections or just for patching it.
- "Secure Programming Cookbook for C and C++" - John Viega, Matt Messier, 2003