97,55 €*
Versandkostenfrei per Post / DHL
Lieferzeit 1-2 Wochen
The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary [...] book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment.
Effectively handle malware with custom packers and compilers
Unpack complex malware to locate vital malware components and decipher their intent
Use various static and dynamic malware analysis tools
Leverage the internals of various detection engineering tools to improve your workflow
Write Snort rules and learn to use them with Suricata IDS
The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary [...] book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment.
Effectively handle malware with custom packers and compilers
Unpack complex malware to locate vital malware components and decipher their intent
Use various static and dynamic malware analysis tools
Leverage the internals of various detection engineering tools to improve your workflow
Write Snort rules and learn to use them with Suricata IDS
Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer who has worked extensively in malware reverse engineering, vulnerability research, anti-virus engine development, anti-malware signature writing, and sandbox development. He has worked with the Symantec, McAfee, and Juniper Networks anti-malware labs. He holds several patents. He blogs regularly and has been a speaker at security conferences and workshops. His articles have been republished and quoted in a number of blogs and whitepapers, including eForensics magazine. He is also the author of the book Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks.
Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS). He works as an independent security consultant and as a corporate security trainer. He designs and develops various detection technologies to secure both the host and the network, ranging from network security tools such as IDS/IPS to malware sandboxes, malware analysis tools, firewalls, and endpoints. He holds multiple patents in the field of security and speaks at security conferences and workshops. He has previously worked in threat research labs and detection engineering teams at RSA Security, Juniper Networks, Cyphort Cybersecurity, and various other cybersecurity startups.
Part 1: Introduction.- Chapter 1. Introduction.- Chapter 2. Malware Analysis Lab Setup.- Part 2: OS and System Fundamentals.- Chapter 3. File and File Formats.-Chapter 4. Virtual Memory and the Portable Executable (PE) File.- Chapter 5. Windows Internals.- Part 3: Malware Components and Analysis.- Chapter 6. Malware Components and Distribution.- Chapter 7. Malware Packers.- Chapter 8. Persistence Mechanisms.- Chapter 9. Network Communication.- Chapter 10. Code Injection, Process Hollowing, and API Hooking.- Chapter 11. Stealth and Rootkits.- Part 4: Malware Analysis and Classification.- Chapter 12. Static Analysis.- Chapter 13. Dynamic Analysis.- Chapter 14. Memory Forensics With Volatility.- Chapter 15. Malware Payload Dissection and Classification.- Part 5: Malware Reverse Engineering.- Chapter 16. Debuggers and Assembly Language.- Chapter 17. Debugging Tricks for Unpacking Malware.- Chapter 18. Debugging Code Injection.- Chapter 19. Armoring and Evasion - The Anti Techniques.- Chapter 20. File-less, Macros, and Other Malware Trends.- Part 6: Detection Engineering.- Chapter 21. Dev Analysis Lab Setup.- Chapter 22. Anti-Virus Engines.- Chapter 23. IDS/IPS and Snort/Suricata Rule Writing.- Chapter 24. Malware Sandbox Internals.- Chapter 25. Binary Instrumentation for Reversing Automation.
Erscheinungsjahr: | 2020 |
---|---|
Fachbereich: | EDV |
Genre: | Importe, Informatik |
Rubrik: | Naturwissenschaften & Technik |
Thema: | Lexika |
Medium: | Taschenbuch |
Inhalt: |
xxxiv
914 S. 548 s/w Illustr. 914 p. 548 illus. |
ISBN-13: | 9781484261927 |
ISBN-10: | 1484261925 |
Sprache: | Englisch |
Einband: | Kartoniert / Broschiert |
Autor: |
Mohanta, Abhijit
Saldanha, Anoop |
Hersteller: | APRESS |
Verantwortliche Person für die EU: | APress in Springer Science + Business Media, Heidelberger Platz 3, D-14197 Berlin, juergen.hartmann@springer.com |
Maße: | 254 x 178 x 50 mm |
Von/Mit: | Abhijit Mohanta (u. a.) |
Erscheinungsdatum: | 23.09.2020 |
Gewicht: | 1,743 kg |
Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer who has worked extensively in malware reverse engineering, vulnerability research, anti-virus engine development, anti-malware signature writing, and sandbox development. He has worked with the Symantec, McAfee, and Juniper Networks anti-malware labs. He holds several patents. He blogs regularly and has been a speaker at security conferences and workshops. His articles have been republished and quoted in a number of blogs and whitepapers, including eForensics magazine. He is also the author of the book Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks.
Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS). He works as an independent security consultant and as a corporate security trainer. He designs and develops various detection technologies to secure both the host and the network, ranging from network security tools such as IDS/IPS to malware sandboxes, malware analysis tools, firewalls, and endpoints. He holds multiple patents in the field of security and speaks at security conferences and workshops. He has previously worked in threat research labs and detection engineering teams at RSA Security, Juniper Networks, Cyphort Cybersecurity, and various other cybersecurity startups.
Part 1: Introduction.- Chapter 1. Introduction.- Chapter 2. Malware Analysis Lab Setup.- Part 2: OS and System Fundamentals.- Chapter 3. File and File Formats.-Chapter 4. Virtual Memory and the Portable Executable (PE) File.- Chapter 5. Windows Internals.- Part 3: Malware Components and Analysis.- Chapter 6. Malware Components and Distribution.- Chapter 7. Malware Packers.- Chapter 8. Persistence Mechanisms.- Chapter 9. Network Communication.- Chapter 10. Code Injection, Process Hollowing, and API Hooking.- Chapter 11. Stealth and Rootkits.- Part 4: Malware Analysis and Classification.- Chapter 12. Static Analysis.- Chapter 13. Dynamic Analysis.- Chapter 14. Memory Forensics With Volatility.- Chapter 15. Malware Payload Dissection and Classification.- Part 5: Malware Reverse Engineering.- Chapter 16. Debuggers and Assembly Language.- Chapter 17. Debugging Tricks for Unpacking Malware.- Chapter 18. Debugging Code Injection.- Chapter 19. Armoring and Evasion - The Anti Techniques.- Chapter 20. File-less, Macros, and Other Malware Trends.- Part 6: Detection Engineering.- Chapter 21. Dev Analysis Lab Setup.- Chapter 22. Anti-Virus Engines.- Chapter 23. IDS/IPS and Snort/Suricata Rule Writing.- Chapter 24. Malware Sandbox Internals.- Chapter 25. Binary Instrumentation for Reversing Automation.
Erscheinungsjahr: | 2020 |
---|---|
Fachbereich: | EDV |
Genre: | Importe, Informatik |
Rubrik: | Naturwissenschaften & Technik |
Thema: | Lexika |
Medium: | Taschenbuch |
Inhalt: |
xxxiv
914 S. 548 s/w Illustr. 914 p. 548 illus. |
ISBN-13: | 9781484261927 |
ISBN-10: | 1484261925 |
Sprache: | Englisch |
Einband: | Kartoniert / Broschiert |
Autor: |
Mohanta, Abhijit
Saldanha, Anoop |
Hersteller: | APRESS |
Verantwortliche Person für die EU: | APress in Springer Science + Business Media, Heidelberger Platz 3, D-14197 Berlin, juergen.hartmann@springer.com |
Maße: | 254 x 178 x 50 mm |
Von/Mit: | Abhijit Mohanta (u. a.) |
Erscheinungsdatum: | 23.09.2020 |
Gewicht: | 1,743 kg |