From the Back Cover
We called this a cookbook because each "recipe" presents both the ingredients and the steps you take to resolve a specific problem or research a given threat. On the DVD, you'll find supporting files and original programs that provide additional resources. You'll learn how to analyze malware using tools written by the authors as well as hundreds of other publicly available tools. If your job involves incident response, computer forensics, systems security, or antivirus research, this book will become invaluable to you.
Learn to conduct online investigations without revealing your identity
Use honeypots to collect malware being distributed by bots and worms
Build a low-budget malware lab with virtualization or bare bones hardware
Reverse engineer common encoding and encryption algorithms
Set up an advanced memory forensics platform for malware analysis
Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!
On the DVD
Use the files on the DVD to follow along with the recipes or to conduct your own investigations and analyses. You will find:
Windows and Linux tools
Over 50 original programs in Python, C/C++, and Perl
"The most useful technical security book I've read this year. A must-have for all who protect systems from malicious software."
—Lenny Zeltser, Security Practice Director at Savvis and Senior Faculty Member at SANS Institute
"The ultimate guide for anyone interested in malware analysis."
—Ryan Olson, Director, VeriSign iDefense Rapid Response Team
"Every page is filled with practical malware knowledge, innovative ideas, and useful tools. Worth its weight in gold!"
—AAron Walters, Lead Developer of Volatility and VP of Security R&D at Terremark
About the Author
Steven Adair is a member of the Shadowserver Foundation and frequently analyzes malware and tracks botnets. He also investigates cyber attacks of all kinds with an emphasis on those linked to cyber espionage.
Blake Hartstein is the author of multiple security tools and a Rapid Response Engineer at Verisign iDefense, where he responds to malware incidents.
Matthew Richard has authored numerous security tools and also ran a managed security service for banks and credit unions.