Practical Malware Analysis - The Hands-On Guide to Dissectiong Malicious Software. Foreword by Richard Bejtlich
Verlag | No Starch Press |
Auflage | 2016 |
Seiten | 800 |
Format | 17,9 x 23,5 x 3,9 cm |
Gewicht | 1250 g |
Artikeltyp | Englisches Buch |
ISBN-10 | 1593272901 |
EAN | 9781593272906 |
Bestell-Nr | 59327290UA |
Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.You'll learn how to: Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and WinDbg Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques Use your newfound knowledge of Windows internals for malware analysis Develop a methodology for unpacking malware and get practical experience with five of the most popular packers Analyze special cases of malware with shellcode, C++, and 64-bit codeHands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.
Inhaltsverzeichnis:
IntroductionChapter 0: Malware Analysis PrimerPart 1: Basic AnalysisChapter 1: Basic Static TechniquesChapter 2: Malware Analysis in Virtual MachinesChapter 3: Basic Dynamic AnalysisPart 2: Advanced Static AnalysisChapter 4: A Crash Course in x86 DisassemblyChapter 5: IDA ProChapter 6: Recognizing C Code Constructs in AssemblyChapter 7: Analyzing Malicious Windows ProgramsPart 3: Advanced Dynamic AnalysisChapter 8: DebuggingChapter 9: OllyDbgChapter 10: Kernel Debugging with WinDbgPart 4: Malware FunctionalityChapter 11: Malware BehaviorChapter 12: Covert Malware LaunchingChapter 13: Data EncodingChapter 14: Malware-Focused Network SignaturesPart 5: Anti-Reverse-EngineeringChapter 15: Anti-DisassemblyChapter 16: Anti-DebuggingChapter 17: Anti-Virtual Machine TechniquesChapter 18: Packers and UnpackingPart 6: Special TopicsChapter 19: Shellcode AnalysisChapter 20: C++ AnalysisChapter 21: 64-Bit MalwareAppendix A: Important Windows FunctionsAppendix B: Tools for Malware AnalysisAppendix C: Solutions to Labs
Rezension:
"A hands-on introduction to malware analysis. I\'d recommend it to anyone who wants to dissect Windows malware."
Ilfak Guilfanov, Creator of IDA Pro
"The book every malware analyst should keep handy."
Richard Bejtlich, CSO of Mandiant & Founder of TaoSecurity
"This book does exactly what it promises on the cover; it\'s crammed with detail and has an intensely practical approach, but it\'s well organised enough that you can keep it around as handy reference."
Mary Branscombe, ZDNet
"If you\'re starting out in malware analysis, or if you are are coming to analysis from another discipline, I\'d recommend having a nose."
Paul Baccas, Naked Security from Sophos
"An excellent crash course in malware analysis."
Dino Dai Zovi, Independent Security Consultant
"The most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware."
Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School
"A great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware."
Sebastian Porst, Google Software Engineer
"Brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike. I strongly believe this will become the defacto text for learning malware analysis in the future."
Danny Quist, PhD, Founder of Offensive Computing
An awesome book. . . written by knowledgeable authors who possess the rare gift of being able to communicate their knowledge through the written word.
Richard Austin, IEEE Cipher
"If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get."
Patrick Engebretson, IA Professor at Dakota State University and Author of The Basics of Hacking and Pen Testing
"An excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze and understand malicious software."
Sal Stolfo, Professor, Columbia University
"The explanation of the tools is clear, the presentation of the process is lucid, and the actual detective work fascinating. All presented clearly and hitting just the right level so that developers with no previous experience in this particular area can participate fully. Highly recommended."
Dr. Dobb\'s
"This book is like having your very own personal malware analysis teacher without the expensive training costs."
Dustin Schultz, TheXploit
"I highly recommend this book to anyone looking to get their feet wet in malware analysis or just looking for a good desktop reference on the subject."
Pete Arzamendi, 403 Labs
I do not see how anyone who has hands-on responsibility for security of Windows systems can rationalize not being familiar with these tools.
Stephen Northcutt, SANS Institute
"Practical Malware Analysis is another book that should be within reaching distance in anyone s DFIR shop. I went ahead and purchased PMA hoping the book would improve my knowledge and skills when faced with malware. What I ended up with was knowledge, a process and tools I can use to analyze any program I encounter. PMA gets a five star review (5 out of 5)."
Journey Into Incident Response
Highly recommend it to those looking to enter the malware analysis field.
Linux Ninja
"If you are a beginner to this hacking field, then this book will be an excellent choice for you."
Hackerzzz