Introduction
Part 1: ROOTKITS
Chapter 1: What’s in a Rootkit: The TDL3 Case Study
Chapter 2: Festi Rootkit: The Most Advanced Spam Bot
Chapter 3: Observing Rootkit Infections
Part 2: BOOTKITS
Chapter 4: Bootkit Background and History
Chapter 5: Operating System Boot Process Essentials
Chapter 6: Boot Process Security
Chapter 7: Bootkit Infection Techniques
Chapter 8: Static Analysis of a Bootkit Using IDA Pro
Chapter 9: Bootkit Dynamic Analysis: Emulators and Virtualization
Chapter 10: Evolution of MBR and VBR Infection Techniques: Olmasco
Chapter 11: IPL Bootkits: Rovnix & Carberp
Chapter 12: Gapz: Advanced VBR Infection
Chapter 13: The Rise of MBR Ransomware
Chapter 14: UEFI Boot vs. MBR/VBR Boot Process
Chapter 15: Contemporary UEFI Bootkits
Chapter 16: UEFI Firmware Vulnerabilities
Part 3: DEFENSE AND FORENSIC TECHNIQUES
Chapter 17: How Secure Boot Works
Chapter 18: Analyzing the Hidden File System
Chapter 19: CHIPsec: BIOS/UEFI Forensics