Description
Part 1: Introduction
1. Introduction
2. Malware Analysis Lab Setup
Part 2: OS and System Fundamentals3. File & File Formats
4. Virtual Memory & Portable Executable(PE) File
5. Windows InternalsPart 3: Malware Components & Analysis
6. Malware Components & Distribution
7. Malware Packers8. Persistence Mechanisms
9. Network Communication
10. Code Injection, Process Hollowing & API Hooking11. Stealth and Rootkits
Part 3: Malware Analysis & Classification
12. Static Analysis13. Dynamic Analysis
14. Memory Forensics With Volatility
15. Malware Payload Dissection & ClassificationPart 4: Malware Reverse Engineering
16. Debuggers & Assembly Language
17. Debugging Tricks for Unpacking Malwares18. Debugging Code Injection
19. Armoring & Evasion - The Anti Techniques
20. File-less, Macros & Other Malware TrendsPart 5: Detection Engineering
21. Dev Analysis Lab Setup
22. Anti-Virus Engines23. IDS/IPS & Snort/Suricata Rule Writing
24. Malware Sandbox Internals
25. Binary Instrumentation for Reversing AutomationAuthor: Abhijit Mohanta, Anoop Saldanha
Publisher: Apress
Published: 10/22/2020
Pages: 914
Binding Type: Paperback
Weight: 3.55lbs
Size: 10.00h x 7.00w x 1.87d
ISBN13: 9781484261927
ISBN10: 1484261925
BISAC Categories:
- Computers | Security | Network Security
- Computers | Networking | Hardware
- Computers | Data Science | General
About the Author
Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer who has worked extensively in malware reverse engineering, vulnerability research, anti-virus engine development, anti-malware signature writing, and sandbox development. He has worked with the Symantec, McAfee, and Juniper Networks anti-malware labs. He holds several patents. He blogs regularly and has been a speaker at security conferences and workshops. His articles have been republished and quoted in a number of blogs and whitepapers, including eForensics magazine. He is also the author of the book Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks.
Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS). He works as an independent security consultant and as a corporate security trainer. He designs and develops various detection technologies to secure both the host and the network, ranging from network security tools such as IDS/IPS to malware sandboxes, malware analysis tools, firewalls, and endpoints. He holds multiple patents in the field of security and speaks at security conferences and workshops. He has previously worked in threat research labs and detection engineering teams at RSA Security, Juniper Networks, Cyphort Cybersecurity, and various other cybersecurity startups.