Evasive Malware
A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats
Paperback by Kyle Cucci
Language: English

76,95 €*

incl. VAT

Free shipping by post / DHL

Delivery time 1-2 weeks

Description
"This book is full of practical information, real-world examples, and cutting-edge techniques for discovering, reverse engineering, and analyzing state-of-the-art malware. It covers the basics in the context of the Windows operating system and details the tricks and evasive maneuvers that malware programs use to avoid detection and security controls. The book also instructs the reader on how to build their own anti-evasion analysis lab"--
About the Author
Kyle Cucci has over 17 years in cybersecurity and IT, including roles as a malware analyst and detection engineer with Proofpoint’s Threat Research team and leader of the forensic investigations and malware research teams at Deutsche Bank. Cucci regularly speaks at security conferences and has led international trainings and workshops on topics such as malware analysis and security engineering. In his free time, Cucci enjoys contributing to the community via open source tooling, research, and blogging.
Table of Contents
Introduction

Part I: The Fundamentals
Chapter 1: Windows Foundational Concepts
Chapter 2: A Crash Course in Malware Triage and Behavioral Analysis
Chapter 3: A Crash Course in Static and Dynamic Code Analysis

Part II: Context Awareness and Sandbox Evasion
Chapter 4: Enumerating Operating System Artifacts
Chapter 5: User Environment and Interaction Detection
Chapter 6: Enumerating Hardware and Network Configurations
Chapter 7: Runtime Environment and Virtual Processor Anomalies
Chapter 8: Evading Sandboxes and Disrupting Analysis

Part III: Anti-reversing
Chapter 9: Anti-disassembly
Chapter 10: Anti-debugging
Chapter 11: Covert Code Execution and Misdirection

Part IV: Defense Evasion
Chapter 12: Process Injection, Manipulation, and Hooking
Chapter 13: Evading Network and Endpoint Defenses
Chapter 14: An Introduction to Rootkits
Chapter 15: Fileless Malware and Anti-forensics

Part V: Other Topics
Chapter 16: Encoding and Encryption
Chapter 17: Packers and Unpacking Malware
Chapter 18: Tips for Building an Anti-evasion Analysis Lab

Appendix A: Evasion-Related Windows API Functions
Appendix B: Windows LOLbins and Example Usage
Appendix C: Further Reading
Details
Year of publication: 2024
Subject area: Data Communication, Networks & Mailboxes
Genre: Imports, Computer Science
Category: Science & Technology
Medium: Paperback
Contents: Binding - flexible (Paperback)
ISBN-13: 9781718503267
ISBN-10: 1718503261
Language: English
Binding: Softcover / Paperback
Author: Cucci, Kyle
Manufacturer: No Starch Press, US
Responsible person for the EU: Springer Fachmedien Wiesbaden GmbH, P.O. Box 15 46, D-65189 Wiesbaden, info@bod.de
Dimensions: 230 x 177 x 29 mm
By/With: Kyle Cucci
Publication date: 10.09.2024
Weight: 0,92 kg
Item ID: 126875174