Malware. You know what it is. Perhaps you’ve even fought a malware infection or two. Wouldn’t it be nice if the good guys finally had one really complete guide to analyzing malware to help protect us all from spyware, worms, trojan horses, rootkits, and who knows what else?
Practical Malware Analysis is filled with tutorials and lab-based dissections, this landmark tome is unlike any other. In it, readers learn how the professionals analyze malware; debug and disassemble it to see how it works; determine the damage done; find out how to identify and eradicate it; and ultimately, ensure that it won’t return.
Readers of Practical Malware Analysis will learn how to:
- Set up a safe virtual environment to analyze malware
- Quickly extract network signatures and host-based indicators
- Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
- Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
- Use their newfound knowledge of Windows internals for malware analysis
- Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
- Analyze special cases of malware with shellcode, C++, and 64-bit code.
Hundreds of pages of hands-on labs challenge readers to practice their skills as they dissect real malware samples (safely, of course), while offering extensive discussions of how to perform the dissections.
Whether tasked with fighting malware on one network or a thousand, readers will find what they need to succeed in Practical Malware Analysis.