Part 1: Introduction
2. Malware Analysis Lab SetupPart 2: OS and System Fundamentals
3. File & File Formats
4. Virtual Memory & Portable Executable(PE) File5. Windows Internals
Part 3: Malware Components & Analysis
6. Malware Components & Distribution7. Malware Packers
8. Persistence Mechanisms
9. Network Communication10. Code Injection, Process Hollowing & API Hooking
11. Stealth and Rootkits
Part 3: Malware Analysis & Classification12. Static Analysis
13. Dynamic Analysis
14. Memory Forensics With Volatility15. Malware Payload Dissection & Classification
Part 4: Malware Reverse Engineering
16. Debuggers & Assembly Language17. Debugging Tricks for Unpacking Malwares
18. Debugging Code Injection
19. Armoring & Evasion - The Anti Techniques20. File-less, Macros & Other Malware Trends
Part 5: Detection Engineering
21. Dev Analysis Lab Setup22. Anti-Virus Engines
23. IDS/IPS & Snort/Suricata Rule Writing
24. Malware Sandbox Internals25. Binary Instrumentation for Reversing Automation
Discover how the internals of malware work and how you can analyze and detect it. You will learn not only how to analyze and reverse malware, but also how to classify and categorize it, giving you insight into the intent of the malware. Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you undocumented tricks used by analysts in the industry. You will be able to extend your expertise to analyze and reverse the challenges that malicious software throws at you.
The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation.The book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment.
Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer who has worked extensively in malware reverse engineering, vulnerability research, anti-virus engine development, anti-malware signature writing, and sandbox development. He has worked with the Symantec, McAfee, and Juniper Networks anti-malware labs. He holds several patents. He blogs regularly and has been a speaker at security conferences and workshops. His articles have been republished and quoted in a number of blogs and whitepapers, including eForensics magazine. He is also the author of the book Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks.
Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS). He works as an independent security consultant and as a corporate security trainer. He designs and develops various detection technologies to secure both the host and the network, ranging from network security tools such as IDS/IPS to malware sandboxes, malware analysis tools, firewalls, and endpoints. He holds multiple patents in the field of security and speaks at security conferences and workshops. He has previously worked in threat research labs and detection engineering teams at RSA Security, Juniper Networks, Cyphort Cybersecurity, and various other cybersecurity startups.
Utilizziamo i cookie di profilazione, anche di terze parti, per migliorare la navigazione, per fornire servizi e proporti pubblicità in linea con le tue preferenze. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui. Chiudendo questo banner o proseguendo nella navigazione acconsenti all’uso dei cookie.