Elementary Secondary Higher Ed Common Reads
0 0
Download high-resolution image

Practical Malware Analysis

The Hands-On Guide to Dissecting Malicious Software

Author Michael Sikorski, Andrew Honig
Ebook
No Starch | No Starch Press
On sale Feb 01, 2012 | 800 Pages | 9781593274306
Add to cart Add to list Exam Copies

See Additional Formats
Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:
–Set up a safe virtual environment to analyze malware
–Quickly extract network signatures and host-based indicators
–Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
–Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
–Use your newfound knowledge of Windows internals for malware analysis
–Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
–Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.
Introduction
Chapter 0: Malware Analysis Primer
Part 1: Basic Analysis
Chapter 1: Basic Static Techniques
Chapter 2: Malware Analysis in Virtual Machines
Chapter 3: Basic Dynamic Analysis
Part 2: Advanced Static Analysis
Chapter 4: A Crash Course in x86 Disassembly
Chapter 5: IDA Pro
Chapter 6: Recognizing C Code Constructs in Assembly
Chapter 7: Analyzing Malicious Windows Programs
Part 3: Advanced Dynamic Analysis
Chapter 8: Debugging
Chapter 9: OllyDbg
Chapter 10: Kernel Debugging with WinDbg
Part 4: Malware Functionality
Chapter 11: Malware Behavior
Chapter 12: Covert Malware Launching
Chapter 13: Data Encoding
Chapter 14: Malware-Focused Network Signatures
Part 5: Anti-Reverse-Engineering
Chapter 15: Anti-Disassembly
Chapter 16: Anti-Debugging
Chapter 17: Anti-Virtual Machine Techniques
Chapter 18: Packers and Unpacking
Part 6: Special Topics
Chapter 19: Shellcode Analysis
Chapter 20: C++ Analysis
Chapter 21: 64-Bit Malware
Appendix A: Important Windows Functions
Appendix B: Tools for Malware Analysis
Appendix C: Solutions to Labs
Michael Sikorski is a malware analyst, researcher, and security consultant at Mandiant. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Mike frequently teaches malware analysis to a variety of audiences including the FBI and Black Hat.
Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Andy is publicly credited with several zero-day exploits in VMware's virtualization products.
Michael Sikorski View titles by Michael Sikorski
Andrew Honig View titles by Andrew Honig

About

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:
–Set up a safe virtual environment to analyze malware
–Quickly extract network signatures and host-based indicators
–Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
–Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
–Use your newfound knowledge of Windows internals for malware analysis
–Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
–Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.

Table of Contents

Introduction
Chapter 0: Malware Analysis Primer
Part 1: Basic Analysis
Chapter 1: Basic Static Techniques
Chapter 2: Malware Analysis in Virtual Machines
Chapter 3: Basic Dynamic Analysis
Part 2: Advanced Static Analysis
Chapter 4: A Crash Course in x86 Disassembly
Chapter 5: IDA Pro
Chapter 6: Recognizing C Code Constructs in Assembly
Chapter 7: Analyzing Malicious Windows Programs
Part 3: Advanced Dynamic Analysis
Chapter 8: Debugging
Chapter 9: OllyDbg
Chapter 10: Kernel Debugging with WinDbg
Part 4: Malware Functionality
Chapter 11: Malware Behavior
Chapter 12: Covert Malware Launching
Chapter 13: Data Encoding
Chapter 14: Malware-Focused Network Signatures
Part 5: Anti-Reverse-Engineering
Chapter 15: Anti-Disassembly
Chapter 16: Anti-Debugging
Chapter 17: Anti-Virtual Machine Techniques
Chapter 18: Packers and Unpacking
Part 6: Special Topics
Chapter 19: Shellcode Analysis
Chapter 20: C++ Analysis
Chapter 21: 64-Bit Malware
Appendix A: Important Windows Functions
Appendix B: Tools for Malware Analysis
Appendix C: Solutions to Labs

Author

Michael Sikorski is a malware analyst, researcher, and security consultant at Mandiant. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Mike frequently teaches malware analysis to a variety of audiences including the FBI and Black Hat.
Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Andy is publicly credited with several zero-day exploits in VMware's virtualization products.
Michael Sikorski View titles by Michael Sikorski
Andrew Honig View titles by Andrew Honig

Additional formats

Related Articles

Literature History Sociology

Books for Asian American, Native Hawaiian, and Pacific Islander Heritage Month

Every May we celebrate the rich history and culture of Asian Americans, Native Hawaiians, and Pacific Islanders. Browse a curated selection of fiction and nonfiction books by AANHPI creators that we think your students will love. Find our full collection of titles for Higher Education here.

Read more

Books for Asian American, Native Hawaiian, and Pacific Islander Heritage Month

Literature History Sociology
Subscribe

Penguin Random House Higher Education

© 2025 Penguin Random House

Back to Top
0
    • 0
    Wish List (0)