Malware Analysis Books
There are a lot of books on malware analysis, and over the last couple of years the number of available options has grown considerably. A quick search on Amazon will show some of the options you can start with, and you'll also find plenty of books for learning assembly, network detection and the many other tools used in this field.
If you're looking for specific recommendations, check this list:
Practical Malware Analysis
Practical Malware Analysis is one of the best malware analysis books. It's a step-by-step guide with a hands-on approach to the most common techniques an analyst applies to dissect malware, with plenty of exercises and light reading that will lead you to a lot of further content.
It covers mostly Windows malware. It's a really good place to start if you have no experience or want to refresh your knowledge.
You’ll learn how to:
- Set up a safe virtual environment to analyze malware
- Set up your own personal malware analysis lab
- Quickly extract network signatures and host-based indicators
- Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
- Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
- Use your newfound knowledge of Windows internals for malware analysis
- Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
- Analyze special cases of malware with shellcode, C++, and 64-bit code
Books like Practical Malware Analysis: Malware Analyst's Cookbook
Windows Malware Analysis Essentials:
This book starts out with well-written introductory chapters that catch readers up on the knowledge they need to properly grasp later concepts, such as a basic understanding of bits and x86 assembly, which are not otherwise easily grasped. It also contains a wealth of information on malware structure and the basic tooling used to understand malware, and it is often written in a playful and enjoyable manner that makes the content a pleasure to read. I know it says "Windows" in the title, but many of the topics and tools covered carry over to other platforms as well.
What You Will Learn
- Use the positional number system to gain a clear understanding of Boolean algebra as it applies to malware research
- Get introduced to static and dynamic analysis methodologies and build your own malware lab
- Analyse destructive in-the-wild (ITW) malware samples, from fingerprinting and static/dynamic analysis to the final debrief
- Understand different modes of linking, and how to compile your own libraries from assembly code and integrate the code into your final program
- Get to know the various emulators, debuggers and sandboxes and their features, and set them up effectively for the required scenario
- Deal with other malware vectors such as PDF and MS Office based malware, as well as scripts and shellcode
Practical Reverse Engineering
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
This book does a good job of teaching. It's not just another reference book. A lot of technical books just blast facts at you, and sure, you might learn a lot, but you don't know how the author learned those things himself. This book takes more of a teaching approach: you learn how the authors learned things.
It's one of the best malware analysis books. It is fairly small for a technical book at only 340 pages, but it is very dense; every sentence is important.
It will teach you assembly, then how it relates to C, how to go back and forth between the two, and how it all works with the Windows kernel.
The Art of Memory Forensics
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
AMF is a volume of material you just have to know, or at least have to know where to find. The book is an essential reference, reasonably complete and well written.
Discover memory forensics techniques:
- How volatile memory analysis improves digital investigations
- Proper investigative steps for detecting stealth malware and advanced threats
- How to use free, open source tools for conducting thorough memory forensics
- Ways to acquire memory from suspect systems in a forensically sound manner
Malware Forensics Field Guide for Windows Systems
Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides
This is a must-have forensics guide. It contains a lot of useful tips and checklists, but it is not only a big checklist: it guides you, states clearly which steps you need to follow, and makes it understandable why you need to take them. It also contains many examples of how to use a whole list of programs, both free and commercial.
This field guide is intended for computer forensic investigators, analysts, and specialists.
- A condensed hand-held guide complete with on-the-job tasks and checklists
- Specific to Windows-based systems, the most widely used OS in the world
- Authors are world-renowned leaders in investigating and analyzing malicious code
Make sure to check