"This book is full of practical information, real-world examples, and cutting-edge techniques for discovering, reverse engineering, and analyzing state-of-the-art malware. It covers the basics in the context of the Windows operating system and details the tricks and evasive maneuvers that malware programs use to avoid detection and security controls. The book also instructs the reader on how to build their own anti-evasion analysis lab"
Kyle Cucci has over 17 years in cybersecurity and IT, including roles as a malware analyst and detection engineer with Proofpoint’s Threat Research team and leader of the forensic investigations and malware research teams at Deutsche Bank. Cucci regularly speaks at security conferences and has led international trainings and workshops on topics such as malware analysis and security engineering. In his free time, Cucci enjoys contributing to the community via open source tooling, research, and blogging.
Table of Contents
Introduction
Part I: The Fundamentals
Chapter 1: Windows Foundational Concepts
Chapter 2: A Crash Course in Malware Triage and Behavioral Analysis
Chapter 3: A Crash Course in Static and Dynamic Code Analysis
Part II: Context Awareness and Sandbox Evasion
Chapter 4: Enumerating Operating System Artifacts
Chapter 5: User Environment and Interaction Detection
Chapter 6: Enumerating Hardware and Network Configurations
Chapter 7: Runtime Environment and Virtual Processor Anomalies
Chapter 8: Evading Sandboxes and Disrupting Analysis
Part III: Anti-reversing
Chapter 9: Anti-disassembly
Chapter 10: Anti-debugging
Chapter 11: Covert Code Execution and Misdirection
Part IV: Defense Evasion
Chapter 12: Process Injection, Manipulation, and Hooking
Chapter 13: Evading Network and Endpoint Defenses
Chapter 14: An Introduction to Rootkits
Chapter 15: Fileless Malware and Anti-forensics
Part V: Other Topics
Chapter 16: Encoding and Encryption
Chapter 17: Packers and Unpacking Malware
Chapter 18: Tips for Building an Anti-evasion Analysis Lab
Appendix A: Evasion-Related Windows API Functions
Appendix B: Windows LOLbins and Example Usage
Appendix C: Further Reading