Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code 1st Edition

42 customer reviews
ISBN-13: 978-0470613030
ISBN-10: 0470613033

Editorial Reviews

From the Back Cover

Powerful, step-by-step solutions to dozens of common threats

We called this a cookbook because each "recipe" presents both the ingredients and the steps you take to resolve a specific problem or research a given threat. On the DVD, you'll find supporting files and original programs that provide additional resources. You'll learn how to analyze malware using tools written by the authors as well as hundreds of other publicly available tools. If your job involves incident response, computer forensics, systems security, or antivirus research, this book will become invaluable to you.

  • Learn to conduct online investigations without revealing your identity

  • Use honeypots to collect malware being distributed by bots and worms

  • Analyze JavaScript, PDFs, and Office documents for suspicious content

  • Build a low-budget malware lab with virtualization or bare bones hardware

  • Reverse engineer common encoding and encryption algorithms

  • Set up an advanced memory forensics platform for malware analysis

  • Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!

On the DVD

Use the files on the DVD to follow along with the recipes or to conduct your own investigations and analyses. You will find:

  • Evidence files

  • Annotated videos

  • Source code

  • Windows and Linux tools

  • Over 50 original programs in Python, C/C++, and Perl

"The most useful technical security book I've read this year. A must-have for all who protect systems from malicious software."
Lenny Zeltser, Security Practice Director at Savvis and Senior Faculty Member at SANS Institute

"The ultimate guide for anyone interested in malware analysis."
Ryan Olson, Director, VeriSign iDefense Rapid Response Team

"Every page is filled with practical malware knowledge, innovative ideas, and useful tools. Worth its weight in gold!"
AAron Walters, Lead Developer of Volatility and VP of Security R&D at Terremark

About the Author

Michael Hale Ligh is a malicious code analyst at Verisign iDefense and Chief of Special Projects at MNIN Security.

Steven Adair is a member of the Shadowserver Foundation and frequently analyzes malware and tracks botnets. He also investigates cyber attacks of all kinds with an emphasis on those linked to cyber espionage.

Blake Hartstein is the author of multiple security tools and a Rapid Response Engineer at Verisign iDefense, where he responds to malware incidents.

Matthew Richard has authored numerous security tools and also ran a managed security service for banks and credit unions.


Product Details

  • Paperback: 744 pages
  • Publisher: Wiley; 1 edition (November 2, 2010)
  • Language: English
  • ISBN-10: 0470613033
  • ISBN-13: 978-0470613030
  • Product Dimensions: 7.4 x 1.6 x 9.2 inches
  • Shipping Weight: 2.5 pounds
  • Average Customer Review: 4.5 out of 5 stars (42 customer reviews)
  • Amazon Best Sellers Rank: #91,053 in Books

Customer Reviews

Most Helpful Customer Reviews

88 of 89 people found the following review helpful By D. Craig on October 30, 2010
Format: Paperback Verified Purchase
I have just received this book and have not yet worked my way through all the chapters, but I have reviewed the contents and tool DVD. I teach college classes on Network and Computer forensics from a survey level through a hard-core programming level. I have likely purchased or been sent most of the books in this area, and this book does stand out for the following reasons.

1. The material is up-to-date. Tools and malware resources change on an almost daily basis and you need to get books that reflect current resources and best practices. This book does a very good job covering the current tools and resources. It provides the web addresses for the various tools and resources discussed in each chapter. It also refers to current research, articles, and conference material in the areas covered in the chapters.

2. The topics covered are comprehensive. The book includes topics on anonymizing (the first chapter), classifying malware, shellcode, DLL code injection, debugging, how to safely run malware in a virtual environment, dumping memory and memory forensics, debugging kernel code, etc. The topics are collected into 18 chapters and are very complete.

3. The focus of this book is performing analysis of malware (which includes a wide variety of exploit types) and creating/using the tools to perform this analysis. Numerous examples are given showing how the analysis can be done, and some background information is presented as needed.

4. The book assumes the reader has brains. Too many "Computer Forensics" books are a waste of time for someone that already has a background in programming, networking, etc.
31 of 32 people found the following review helpful By David Nardoni, EnCE, GCIH, CISSP on November 12, 2010
Format: Paperback Verified Purchase
The Malware Analyst's Cookbook is the best book I have read when it comes to practical techniques for working with malware. This book gives many practical examples to help forensic examiners, incident responders, malware analysts or others deal with malware. This book touches so many great areas when it comes to malware analysis that it is hard to focus on highlighting them all.

One suggestion for those looking to purchase this book: it would help you to gain a mild understanding of Python, as many of the very great tools contained within the book rely on Python. It is by no means necessary to understand Python to use the tools, but it would be helpful to better understand what the tools are doing.

I found the 4 chapters on memory analysis to be completely awesome! I have not seen such a wealth of information on memory analysis in one place. The chapters on memory analysis go from the basic analysis of a memory dump to exploring code injection and rootkits to pulling registry and network artifacts from memory.

The book does a great job of introducing the reader to multiple ways of dealing with malware, from using tools for classification, scanning with AV engines and sandboxes to working with DLLs and malware debugging. I really liked how, when a tool is introduced, the authors then usually have a script to automate much of the process. The DVD that comes with the book is worth the price of the book just by itself.

If you work with malware in any capacity I think this book will benefit you, as it has so much to offer in so many areas when it comes to fighting malicious code.
9 of 9 people found the following review helpful By Russell D. Holloway on December 6, 2010
Format: Paperback Verified Purchase
Still working my way through this book, but so far every chapter has been quite useful. This book is more of a practical guide to malware analysis than anything else. I have found that many of the previous books are in one of two cases: they either are not quite practical enough and simply teach the concepts without showing you how to use the programs (or often even mentioning the programs), or they are too difficult for those who want to learn more about the subject but haven't been doing it for years.

I understand that the concepts are key in the long run, and mentioning specific programs can lead to an outdated book faster, but considering this book just came out, the programs are indeed current and work great. The book goes through a good number of programs freely available on the web or included on the DVD, and it describes them and how to use and configure them as well, rather than simply presenting a list of programs.

The book is detailed and in-depth enough to provide good analysis of malware as well. It does assume some prior knowledge of programming, general security concepts, and different OS's, but it provides clear descriptions of malware analysis tools that are easy to follow.

Overall, it's a good book to pick up and work your way through, rather than read your way through. This is simply the way it's structured. As you read each chapter you feel the need to actually sit in front of a computer and FOLLOW the recipes to learn the material - something that can often be difficult to do with other textbooks. So far, my favorite book on the subject!
19 of 22 people found the following review helpful By A. Student on November 14, 2010
Format: Paperback
Malware is a highly prevalent threat and the techniques for studying it have tended to be obscure and rather difficult to ferret out. This book brings the techniques into the light, and diligent study will add many useful tactics to your repertoire. The book is organized into "recipes" that are grouped into 18 chapters. Each recipe covers how to perform a particular "thing" clearly, with illustrations, code/output samples and references for more detail. The tools DVD is organized into chapters matching the text, and individual recipes refer you to the matching tool on the DVD.

It is a technical book, so be warned that its benefits will be reaped only by diligent study and working through the recipes.

Highly recommended for people engaged in or interested in malware analysis or even the more general topics of how malware operates. The script for automating analysis of suspect malware by multiple antivirus scanners from the command line (Chapter 4) is worth the price of the book alone.