1. Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software 1st Edition
Price – $28.78 (Paperback) & $34.35 (Kindle)
Rating – 4.5 out of 5
Nostarch Link – https://nostarch.com/malware
Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to remove current infections and prevent future ones.
What’s inside this book –
- How to set up a safe virtual environment to analyze malware
- How to extract network signatures and host-based indicators
- How to use key analysis tools like IDA Pro, OllyDbg, and WinDbg
- How to overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
- How to develop a custom methodology for unpacking malware and get practical experience with five of the most popular packers
- How to analyze special cases of malware with shellcode, C++, and 64-bit code
This is one of the best malware analysis books available. It offers detailed coverage of the essential skills needed to understand the specific challenges presented by modern malware, and every chapter pairs detailed technical explanations with hands-on lab exercises that give you immediate exposure to real malware samples.
About Authors –
- Michael Sikorski is a malware analyst, researcher, and security consultant at Mandiant. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Mike frequently teaches malware analysis to a variety of audiences including the FBI and Black Hat.
- Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Andy is publicly credited with several zero-day exploits in VMware’s virtualization products.
2. The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
Price – $40.26 (Paperback) & $10.23 (Kindle)
Rating – 4.8 out of 5
Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst’s Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics, now one of the most sought-after skills in the digital forensics and incident response fields.
Beginning with introductory concepts and moving toward the advanced, the book is based on a five-day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly.
What you will learn –
- How volatile memory analysis improves digital investigations
- Proper investigative steps for detecting stealth malware and advanced threats
- How to use free, open source tools for conducting thorough memory forensics
- Ways to acquire memory from suspect systems in a forensically sound manner
About Authors –
- Michael Hale Ligh is author of Malware Analyst’s Cookbook, Secretary/Treasurer of Volatility Foundation, and a world-class reverse engineer.
- Andrew Case is a Digital Forensics Researcher specializing in memory, disk, and network forensics.
- Jamie Levy is a Senior Researcher and Developer, targeting memory, network, and malware forensics analysis.
- AAron Walters is founder and lead developer of the Volatility Project, President of the Volatility Foundation, and Chair of Open Memory Forensics Workshop.
The Art of Memory Forensics (AOMF) is a ground-breaking technical resource (800+ pages) that is essential for everyone who currently works in information security or aspires to. As digital forensics and incident response practitioners, we use this book almost daily. It helps analysts understand the data and memory structures of multiple operating systems (Windows / OSX / Linux), and how forensic tools can be used, and written, to parse them. AOMF also starts at a lower level than memory itself, covering Intel (IA) and related hardware architecture before building up to the data types and structures found in memory.
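The detection idea behind "detecting stealth malware" in the list above, comparing what the operating system reports with what is actually present in memory, is easier to see in code. The following is an added example, not code from the book or from the Volatility project. It builds a constructed in-memory "image" of tagged process records, walks the linked list the way a live tool (or the OS itself) would, then carves every tagged record by signature and reports the one that was unlinked from the list. The record layout, the tag `Proc`, and every process name and PID are invented for the illustration; they are not the real Windows structures, which the book documents.

```python
import struct
from dataclasses import dataclass
from typing import List, Tuple

# Invented record layout for this illustration (not the real Windows
# _POOL_HEADER/_EPROCESS layout): 4-byte tag, 32-bit PID, 16-byte
# NUL-padded image name, 32-bit offset of the next record (0 = end of list).
POOL_TAG = b"Proc"
RECORD = struct.Struct("<4sI16sI")


@dataclass(frozen=True)
class ProcRecord:
    offset: int
    pid: int
    name: str
    next_offset: int


def pack_record(pid: int, name: str, next_offset: int) -> bytes:
    return RECORD.pack(POOL_TAG, pid, name.encode("ascii").ljust(16, b"\0"), next_offset)


def build_image() -> Tuple[bytes, int]:
    """Constructed sample image: three records linked from a list head, one record
    that has been unlinked from the list (the way DKOM hides a process), and
    filler bytes between them. Returns (image, offset_of_list_head)."""
    size = RECORD.size
    head = 32                                  # first record follows 32 filler bytes
    off_explorer = head + size + 16
    off_hidden = off_explorer + size + 48      # no next pointer refers to this one
    off_notepad = off_hidden + size + 8
    image = bytearray(b"\xcc" * head)
    image += pack_record(4, "System", off_explorer)
    image += b"\0" * 16
    image += pack_record(1234, "explorer.exe", off_notepad)
    image += b"\xcc" * 48
    image += pack_record(6666, "dropper.exe", 0)   # unlinked: invisible to a list walk
    image += b"\0" * 8
    image += pack_record(2222, "notepad.exe", 0)
    image += b"\xcc" * 20
    return bytes(image), head


def parse_record(image: bytes, offset: int) -> ProcRecord:
    """Decode one record; raise if the bytes at offset are not a tagged record."""
    if offset + RECORD.size > len(image):
        raise ValueError(f"record at {offset:#x} runs past end of image")
    tag, pid, raw_name, nxt = RECORD.unpack_from(image, offset)
    if tag != POOL_TAG:
        raise ValueError(f"no record tag at {offset:#x}")
    return ProcRecord(offset, pid, raw_name.rstrip(b"\0").decode("ascii"), nxt)


def walk_list(image: bytes, head: int) -> List[ProcRecord]:
    """List-walking view (what the OS reports): follow next pointers from the head.
    The 'seen' set guards against a corrupted or malicious cycle in the list."""
    out, off, seen = [], head, set()
    while off and off not in seen:
        seen.add(off)
        rec = parse_record(image, off)
        out.append(rec)
        off = rec.next_offset
    return out


def scan_records(image: bytes) -> List[ProcRecord]:
    """Carving view: find every record by its tag, regardless of list membership."""
    out, pos = [], image.find(POOL_TAG)
    while pos != -1:
        try:
            out.append(parse_record(image, pos))
        except (ValueError, UnicodeDecodeError):
            pass  # tag bytes that do not parse as a record are noise
        pos = image.find(POOL_TAG, pos + 1)
    return out


def hidden_processes(image: bytes, head: int) -> List[ProcRecord]:
    """Records present in memory but absent from the list walk: the stealth set."""
    listed = {r.offset for r in walk_list(image, head)}
    return [r for r in scan_records(image) if r.offset not in listed]


if __name__ == "__main__":
    img, head = build_image()
    print("listed :", [r.name for r in walk_list(img, head)])
    print("scanned:", [r.name for r in scan_records(img)])
    print("hidden :", [(r.pid, r.name) for r in hidden_processes(img, head)])
```

The cross-view comparison is the whole point: a rootkit that unlinks its process from the active list defeats the list walk but not the carve, because the record's bytes are still in memory. Real tools add sanity checks on each carved record (plausible PIDs, timestamps, pointer targets inside known ranges) to reject false positives from stale or coincidental matches.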
3. Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Price – $36.90 (Paperback) & $6.01 (Kindle)
Rating – 4.4 out of 5
With our ever-increasing reliance on computers comes an ever-growing risk of malware. Security professionals will find plenty of solutions in this book to the problems posed by viruses, Trojan horses, worms, spyware, rootkits, adware, and other invasive software. Written by well-known malware experts, this book reveals solutions to numerous problems and includes a DVD of custom programs and tools that illustrate the concepts, enhancing your skills.
What’s Inside this book –
- Learn to conduct online investigations without revealing your identity
- Use honeypots to collect malware being distributed by bots and worms
- Build a low-budget malware lab with virtualization or bare bones hardware
- Reverse engineer common encoding and encryption algorithms
- Set up an advanced memory forensics platform for malware analysis
- Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!
About Authors –
- Michael Hale Ligh is a malicious code analyst at Verisign iDefense and Chief of Special Projects at MNIN Security.
- Steven Adair is a member of the Shadowserver Foundation and frequently analyzes malware and tracks botnets. He also investigates cyber attacks of all kinds with an emphasis on those linked to cyber espionage.
- Blake Hartstein is the author of multiple security tools and a Rapid Response Engineer at Verisign iDefense, where he responds to malware incidents.
- Matthew Richard has authored numerous security tools and also ran a managed security service for banks and credit unions.
This book is one of the best books for anyone working in the malware analysis domain. We would highly recommend it to anyone who works in computer forensics, or even to a desktop support person. Don’t forget to use the commands and examples on the accompanying DVD; they are great as well.