"This book is a beast! If you're looking to master the ever widening field of malware analysis, look no further, this is the definitive guide for you."
- Pedram Amini, Founder Zero Day Initiative (ZDI) and OpenRCE, CTO InQuest.net
8+ months. That's what it took me, along with my co-author Abhijit, to complete this book. At around 900+ pages, this is the most comprehensive guide one can find on malware analysis, malware reverse engineering and detection engineering. The book is published by Apress and is also available on the Springer publisher network, arguably the biggest book publisher network in the world.
The book also covers Detection Engineering, a topic yet to be covered by any other book, where we talk about the internals of various detection tools like antiviruses, malware sandboxes, IDS/IPS and binary instrumentation, and how those internals can be leveraged by malware analysts, reverse engineers and budding detection engineers to automate sample analysis.
This book:
- Will help you learn how to analyze any malware thrown at you and even reverse engineer it using tools like OllyDbg and IDA Pro
- Will reveal many undocumented tricks used by malware researchers in the industry to analyze and reverse malware
- Balances complex technical details with easy-to-apply tips and techniques that can be used directly while researching a sample
- Is very hands-on, with exercise-driven content that first uses simulated malware samples to help you hone your skills in a controlled setup, and then real-world malware samples to test your newly learned skills
- Covers Detection Engineering: how various detection tools work internally and how to apply them to automate malware analysis. Tools covered: antivirus, sandboxes, IDS/IPS and binary instrumentation
- Introduces APIMiner, a custom analysis tool developed by us alongside the book, that makes analyzing malware samples super easy
- Provides exercise samples along with the book
We would like to thank Pedram Amini for providing the foreword for this book and Ravikanth Tiwari
for his technical review of the book.
The book is available for pre-order at Amazon here - https://www.amazon.com/dp/1484261925
Table Of Contents
Part 1: Introduction
1. Introduction
2. Malware Analysis Lab Setup
Part 2: OS and System Fundamentals
3. File & File Formats
4. Virtual Memory & Portable Executable(PE) File
5. Windows Internals
Part 3: Malware Components & Analysis
6. Malware Components & Distribution
7. Malware Packers
8. Persistence Mechanisms
9. Network Communication
10. Code Injection, Process Hollowing & API Hooking
11. Stealth and Rootkits
Part 4: Malware Analysis & Classification
12. Static Analysis
13. Dynamic Analysis
14. Memory Forensics With Volatility
15. Malware Payload Dissection & Classification
Part 5: Malware Reverse Engineering
16. Debuggers & Assembly Language
17. Debugging Tricks for Unpacking Malwares
18. Debugging Code Injection
19. Armoring & Evasion - The Anti Techniques
20. File-less, Macros & Other Malware Trends
Part 6: Detection Engineering
21. Dev Analysis Lab Setup
22. Anti-Virus Engines
23. IDS/IPS & Snort/Suricata Rule Writing
24. Malware Sandbox Internals
25. Binary Instrumentation for Reversing Automation