|
|
San Francisco, CA, February 14, 2012—Malware. You know what it is. Perhaps you've even fought a malware infection or two. Wouldn't it be nice if the good guys finally had one really complete guide to analyzing malware to help protect us all from spyware, worms, trojan horses, rootkits, and who knows what else?
Our readers have been waiting a long time for the publication of Practical Malware Analysis (No Starch Press, Feb. 2012, 800 pp., $59.95, ISBN 9781593272906), and at last it's here. Filled with tutorials and lab-based dissections, this landmark tome is unlike any other. In it, readers learn how the professionals analyze malware; debug and disassemble it to see how it works; determine the damage done; find out how to identify and eradicate it; and ultimately, ensure that it won't return.
"Malware analysis is a cat-and-mouse game with rules that are constantly changing," said No Starch Press founder Bill Pollock. "Our readers have been asking me for months when Practical Malware Analysis would be published, and I'm so excited that it's here. Finally, we have a definitive guide to help win the fight against malware. But don't believe me—just look at the pre-publication reviews below. This book is good!"
Readers of Practical Malware Analysis will learn how to:
- Set up a safe virtual environment to analyze malware
- Quickly extract network signatures and host-based indicators
- Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
- Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
- Use their newfound knowledge of Windows internals for malware analysis
- Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
- Analyze special cases of malware with shellcode, C++, and 64-bit code
Hundreds of pages of hands-on labs challenge readers to practice their skills as they dissect real malware samples (safely, of course), while offering extensive discussions of how to perform the dissections. Whether tasked with fighting malware on one network or a thousand, readers will find what they need to succeed in Practical Malware Analysis.
For more information or to request a review copy of Practical Malware Analysis, contact Travis Peterson at No Starch Press ([email protected], +1.415.863.9900, x108), or visit www.nostarch.com.
About the Authors
Michael Sikorski is a malware analyst, researcher, and security consultant at Mandiant. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Sikorski frequently teaches malware analysis to a variety of audiences including the FBI and Black Hat conferences.
Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Honig is credited with several zero-day exploits in VMware's virtualization products.
PRAISE FOR PRACTICAL MALWARE ANALYSIS
"The book every malware analyst should keep handy."
—RICHARD BEJTLICH, CSO OF MANDIANT & FOUNDER OF TAOSECURITY
"An excellent crash course in malware analysis."
—DINO DAI ZOVI, INDEPENDENT SECURITY CONSULTANT
". . . the most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware."
—CHRIS EAGLE, SENIOR LECTURER OF COMPUTER SCIENCE, NAVAL POSTGRADUATE SCHOOL
"A hands-on introduction to malware analysis. I'd recommend it to anyone who wants to dissect Windows malware."
—ILFAK GUILFANOV, CREATOR OF IDA PRO
". . . a great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware."
—SEBASTIAN PORST, GOOGLE SOFTWARE ENGINEER
". . . brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike."
—DANNY QUIST, PhD, FOUNDER OF OFFENSIVE COMPUTING
"A truly stunning text that accomplishes the nearly impossible. It takes the reader on a journey from novice to expert and keeps you engaged at every step of the way. If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get."
—PATRICK ENGBRETSON, IA PROFESSOR, DAKOTA STATE UNIVERSITY & AUTHOR OF THE BASICS OF HACKING AND PEN TESTING
". . . an excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze, and understand malicious software."
—SAL STOLFO, PROFESSOR, COLUMBIA UNIVERSITY
Additional Resources
Chapter 12: "Covert Malware Launching" (PDF)
Table of Contents
Detailed Table of Contents (PDF)
Index (PDF)
No Starch Press Catalog Page
You Might Also Be Interested In:
Available in fine bookstores everywhere, from http://www.oreilly.com/nostarch or directly from No Starch Press (http://www.nostarch.com, [email protected], 1-800-420-7240).
About No Starch Press
Founded in 1994, No Starch Press publishes the finest in geek entertainment—unique books on technology, with a focus on open source, security, hacking, programming, alternative operating systems, LEGO, science, and math. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. Visit http://www.nostarch.com for a complete catalog.
About O'Reilly
O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
# # #
O'Reilly is a registered trademark of O'Reilly Media, Inc. All other trademarks are the property of their respective owners.
|