This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners.
At the very least, you must have a working understanding of Assembly language and the x86 architecture. With little exception, almost all advanced analysis occurs at the assembly level. The book does not spend time teaching assembly. It jumps right into the assembly code and takes off running. If you do not understand assembly code, don't even bother picking up this book (or attempting to be a malware analyst).
Secondly, you will need to have a solid understanding of the C programming language. Much of the assembly code you will be analyzing originated from a disassembled program originally written in C.
Your main home computer is not ideal for analyzing malware. In many cases, you have to actually run the malware to see what it does.Therefore, a virtualization environment is preferred. Unless you already have access to a virtualized lab, familiarity with VMware (or equivalent) is very helpful for setting up your own lab.
Experience with the Windows API, registry, DLLs, and basic file structure is also helpful. All of the sample malware is tailored for Windows computers. There is an entire chapter on the Windows API to get you up to speed if you only have a basic knowledge.
Basic knowledge of Linux is also helpful. There are a handful of analysis tools that are Linux based. You will need to have at least one Linux (virtual machine preferred) to perform some of the labs.
A basic understanding of TCP/IP networks is also good to have. Many of the malware files have a networking component.
Lacking any of these skill sets will make reading this book very difficult.
The best parts of this book are the labs at the end of the chapters. You will work on actual malware (slightly modified to be less dangerous) using tools and techniques learned in the corresponding chapter. The labs guide you through important parts of the malware, and there is a detailed explanation at the end of the book describing, in detail, how the malware does its thing and how you, as the analyst, can discover its secrets.
Most of the tools used in this book are widely available and free to use. A whole chapter is dedicated to the main tools so you get extra exposure to the important software you will be using as a professional analyst.
Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.
Read instantly on your browser with Kindle for Web.
Using your mobile phone camera - scan the code below and download the Kindle app.
Follow the authors
Something went wrong. Please try your request again later.
Frequently bought together
This item: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
$43.47
In Stock
+
$34.48
Get it as soon as Saturday, Jan 25
Only 15 left in stock - order soon.
+
Total price: $00
To see our price, add these items to your cart.
Choose items to buy together.
Customers who bought this item also bought
Page 1 of 1 Start overPage 1 of 1
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and ObfuscationPaperback$8.86 shippingGet it as soon as Saturday, Jan 25Only 15 left in stock - order soon.
- The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac MemoryPaperback$9.10 shippingOnly 15 left in stock (more on the way).
Related books
Page 1 of 1Start OverPage 1 of 1
Sponsored
Philip RobbinsShop the Store on Amazon ›- Ashton MillerShop the Store on Amazon ›
- Robert OliverShop the Store on Amazon ›
- Kyle WilhoitShop the Store on Amazon ›
- Vere SimondsShop the Store on Amazon ›
