// Comparison

Practical Binary Analysis vs The Shellcoder's Handbook: Which Should You Read?

Two cybersecurity books on Reverse Engineering, compared honestly: who each is for, what each does best, and which to read first.

Advanced

5/52018

Practical Binary Analysis

Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly

Dennis Andriesse

Dennis Andriesse on the binary toolchain you can actually script: ELF internals, dynamic taint analysis, symbolic execution and instrumentation with concrete code-along examples.

Advanced

4/52007

The Shellcoder's Handbook

Discovering and Exploiting Security Holes

Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte

A foundational text on memory-corruption exploitation across Linux, Windows, Solaris and embedded targets. Pre-modern-mitigations in spirit but still the canonical introduction to the techniques the modern toolchain is built to defeat.

Read this if

Reverse engineers ready to stop being IDA clickers and start being programmers who happen to RE. Andriesse covers DBI (Pin), taint analysis (Triton), and symbolic execution (angr) at exactly the level a practitioner needs to weaponize them.

Readers committed to learning binary exploitation seriously, after they've already finished Hacking: The Art of Exploitation and want a multi-platform reference that goes deeper.

Skip this if

RE beginners who haven't yet finished Practical Reverse Engineering, or readers without C and Python comfort. The book assumes you can already disassemble; the value is in the automation layer.

Anyone expecting modern (post-2010) mitigations or current heap allocators. The book pre-dates ASLR enforcement, modern heap hardening, CFI, and the entire arc of mitigations the modern toolchain assumes. It teaches the techniques modern systems are built to defeat.

Key takeaways

Modern RE is automated RE; the book is the bridge between hand-driven analysis and the toolchain that scales to large binaries.
Symbolic execution is finally accessible to working RE engineers thanks to angr, and Andriesse's framing is what makes it click for most practitioners.
Custom DBI passes solve a category of problems that no GUI tool can; the book teaches you when to reach for them and how to write them.

The Windows exploitation chapters are still the best print introduction to the SEH/PE-format-specific mechanics that don't exist in Erickson.
The heap chapters teach the conceptual vocabulary (unlinking, frontlinking, magic values, freelists) you need to read modern CTF write-ups, even though the specific allocators have moved on.
The "track patches, don't track exploits" chapter is the most underrated piece of vulnerability-research advice in print.

How they compare

We rate Practical Binary Analysis higher (5/5 against 4/5 for The Shellcoder's Handbook). For most readers, that means Practical Binary Analysis is the primary pick and The Shellcoder's Handbook is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Practical Binary Analysis and The Shellcoder's Handbook both cover Reverse Engineering, so reading them in sequence reinforces the same material from different angles.

Keep reading