Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software Paperback – March 3, 2012

ISBN-13: 978-1593272906 ISBN-10: 1593272901 Edition: 1st

Product Details

  • Paperback: 800 pages
  • Publisher: No Starch Press; 1 edition (March 3, 2012)
  • Language: English
  • ISBN-10: 1593272901
  • ISBN-13: 978-1593272906
  • Product Dimensions: 9.2 x 7.1 x 1.5 inches
  • Shipping Weight: 2.7 pounds
  • Average Customer Review: 4.6 out of 5 stars (37 customer reviews)
  • Amazon Best Sellers Rank: #25,980 in Books

Editorial Reviews

Amazon.com Review

Praise for Practical Malware Analysis

“The book every malware analyst should keep handy.”
--Richard Bejtlich, CSO, Mandiant & Founder of TaoSecurity

“An excellent crash course in malware analysis.”
--Dino Dai Zovi, Independent Security Consultant

“. . . the most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware.”
--Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School

“A hands-on introduction to malware analysis. I'd recommend it to anyone who wants to dissect Windows malware.”
--Ilfak Guilfanov, Creator of IDA Pro

“. . . a great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware.”
--Sebastian Porst, Google Software Engineer

“. . . brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike.”
--Danny Quist, PhD, Founder of Offensive Computing

“If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get.”
--Patrick Engbretson, IA Professor at Dakota State University and Author of The Basics of Hacking and Pen Testing

“. . . an excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze and understand malicious software.”
--Sal Stolfo, Professor, Columbia University

About the Author

Michael Sikorski is a Principal Consultant at Mandiant. He provides specialized research and development security solutions to the company's federal client base, reverse engineers malicious software discovered by incident responders, and has helped create a series of courses in malware analysis (from Beginner to Advanced). He has taught these courses to a variety of audiences including the FBI, the National Security Agency (NSA), and BlackHat. A former member of MIT's Lincoln Laboratory and the NSA, he holds a Top Secret security clearance.

Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Andy is publicly credited with several zero-day exploits in VMware's virtualization products.


Customer Reviews

4.6 out of 5 stars (37 customer reviews)
  • 5 star: 27
  • 4 star: 6
  • 3 star: 3
  • 2 star: 0
  • 1 star: 1

“If you consider yourself one of these people, reading this book is going to feel a lot like wearing someone else's underwear.”
--D. Quist

“This book, Practical Malware Analysis, covers static analysis and dynamic analysis of malware, using tools like IDA Pro, WinDBG, OllyDbg, Procmon etc.”
--TestUser

“There is sufficient material in the book for it to take a very long time to actually work your way through learning everything that the book covers.”
--Stephen Chapman

Most Helpful Customer Reviews

26 of 28 people found the following review helpful By Stephen Northcutt on April 23, 2012
Format: Paperback
I have been carrying this book around for three weeks and I have only made it to page 604, which is deep in the appendices, but wanted to jot down some thoughts. The book tries to be self-contained; as little prior knowledge as possible is assumed. They begin by talking about static (not actually executing) and dynamic analysis, followed by a malware taxonomy. By page 10 the authors show you something very useful: how to run MD5 on a Windows system. We also learn about packing, which is very important in the analysis of malware, and get introduced to PEiD, which unfortunately has been discontinued (version 0.95 is the last), but it still works fine. Next is PEview to look at the PE sections. All that is chapter one, and my point is that anyone with a Windows system and interest can use these tools and learn a lot about what goes on in a Windows system.

The next topic is virtual systems, which is hugely important since you don't want to experiment with malware on your work laptop; no good can come of that. Chapter 3 requires the reader to be slightly technical, but it is all great stuff: Process Monitor and Process Explorer, and looking at strings and dependencies. I do not see how anyone that has hands-on responsibility for security of Windows systems can rationalize not being familiar with these tools.

Chapter 4 is where they start the deep dive, registers and opcodes, the fundamentals of disassembly and of course we can't get anywhere without IDA Pro, so that comes right up.

Speaking of tools that have been around for a while, I was surprised that OllyDbg is still a major debugger; good on you, Mr. Yuschuk. After this, the book starts to move past my technical depth.
9 of 9 people found the following review helpful By Michael Larsen on April 18, 2012
Format: Paperback
This is a topic that has greatly interested me, but from the perspective of a tester. On one side, I think the ability to reverse engineer malware is fascinating, but more to the point what I really want to be able to do is see how the tools described can actually be used to augment security testing.

Malware has become one of those topics that we often wring our hands about because we know it's a threat and we want to better comprehend it, but do we dare open ourselves up to the potential of doing something wrong and unleashing unintended havoc on our machines or networks? Fortunately, Michael Sikorski & Andrew Honig's book "Practical Malware Analysis" helps to de-mystify this type of operation, and also makes it understandable from a variety of perspectives. If you are a programmer, this will be very handy. Even if you aren't, there are a lot of good ideas and techniques in this book that you can use.

Practical Malware Analysis is structured with regular chapters describing the concepts, and each chapter ends with a series of labs. The answers to these labs take up nearly a third of the book. They consist of short answers for the specific questions as well as longer-form answers that go into great detail to describe the steps and the methods used to test the files and provide analysis of what was found.

Part 1 starts out by explaining what malware is and how developers and testers can get into the files and poke around using some basic and freely available tools. The first part of the book focuses on performing static analysis of files and looking inside them to understand what might be hiding in the files, along with ways to read the headers, strings and data hidden in the files.
7 of 7 people found the following review helpful By D. Quist on July 5, 2012
Format: Paperback
Before getting into reviewing Practical Malware Analysis, I hope you will indulge me in a rant about other books on the reverse engineering topic: they are not pretty. If you've taken one of my classes, I recommend a few books for learning reversing, but climbing the steep mountain of prerequisite material before you can attempt to be somewhat proficient is daunting. Specifically, the books I recommended were based off of each individual author's own personal style of reverse engineering with the tools that were available at the time. The field has gotten much more accessible thanks to the awesome tools that are out there from companies like Hex-Rays and Zynamics.

Practical Malware Analysis does a good job of tying together the methods of modern malware analysis. While most of the previous texts have done a good job of presenting the state of the art at their time, PMA overviews many of the tools that are in use in the modern day. Part 1 starts off with the basic static techniques, how to set up a virtual environment, and dynamic analysis. These initial steps are the basis for any good reversing environment. What is nice is that these topics aren't dwelled on for an entire book.

Part 2 goes over the relationships of the Intel architecture, IDA Pro, modern compilers, and the Windows operating system to reverse engineering. Having an understanding of this as it applies to the reversing process is extremely important. Outside implementing a compiler, learning the fundamentals of the architecture is the most important skill a reverser can have for understanding the field. The difference between an adequate reverser and a great reverser lies in the understanding of how the system interactions work.

The rest of the book is focused on the advanced topics of dynamic analysis.