About Book

“This book is a beast! If you're looking to master the ever widening field of malware analysis, look no further, this is the definitive guide for you”

      - Pedram Amini , Founder Zero Day Initiative(ZDI) and OpenRCE, CTO InQuest.net

 

At 900+ pages, this is the most comprehensive guide available on the market for Malware Analysis, Malware Reverse Engineering and Detection Engineering.

Analyzing and reversing malwares is getting harder not just because of the huge influx of malwares every day, but also due to their increasing complexity and features. Speed, efficiency, efficacy and technical know-how are what’s greatly needed to make sure you are ahead of this malware curve to keep your environment safe. 

 

Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you various undocumented tricks used by analysists in the industry. With this book by your side and the concepts learned, you should be able to extend your expertise to analyze and reverse challenges any malicious software throws at you.

 

The book starts with a brief introduction to malware analysis and reverse engineering, where you will gain insights on the different types of malwares and also the terminologies that are used in the anti-malware industry. You will learn to set up an isolated lab environment to safely execute and analyze any malware. Taking a view of the various OS internal features, you will not just learn about the various components of malware like malware packing, code injection and process hollowing, but also how to analyze, reverse, classify and categorize them using various static and dynamic tools. Finally, you will learn to automate your malware analysis process by exploring the internals of various detection tools including Sandboxes, Anti-Virus, IDS/IPS and Windows Binary Instrumentation that can be used to modify and trace malware programs under execution.

Our comprehensive content in combination with our controlled hands-on exercises throughout the book have been engineered to help you dig into the details of malware dissection at your own speed, thereby giving you a microscopic view of the analysis steps. Also, with the help of a wide variety of real-world malware exercises, the book aims to solidify the concepts and techniques you learn, giving you the confidence to tackle any malware that enters your environment. With this book by your side you will learn to:

• Analyze, dissect, eeverse engineer and classify malwares using various analysis tools.
• Effectively handle malware with custom packers and compilers.
• Unpack complex malware to locate vital malware components and decipher their intent.
• Learn to effectively use various static and dynamic malware analysis tools.
• Leverage the internals of various Detection Engineering Tools like anti-viruses, sandboxes, IDS/IPS to improve your workflow.
• Write Snort rules and learn to use them with Suricata IDS.
• Learn about Binary Instrumentation and how to use it to automate malware reverse engineering.
• Get introduced to power debugging tools like OllyDbg and the famous IDA Pro from Hex-Rays.