Buy new:
-31% $41.30
FREE delivery Wednesday, July 24
Ships from: Amazon.com
Sold by: Amazon.com
$41.30 with 31 percent savings
List Price: $59.99

The List Price is the suggested retail price of a new product as provided by a manufacturer, supplier, or seller. Except for books, Amazon will display a List Price if the product was purchased by customers on Amazon or offered by other retailers at or above the List Price in at least the past 90 days. List prices may not necessarily reflect the product's prevailing market price.
Learn more
FREE Returns
FREE delivery Wednesday, July 24. Order within 10 hrs 57 mins
In Stock
$$41.30 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$41.30
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Ships from
Amazon.com
Ships from
Amazon.com
Sold by
Amazon.com
Sold by
Amazon.com
Returns
Eligible for Return, Refund or Replacement within 30 days of receipt
Eligible for Return, Refund or Replacement within 30 days of receipt
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Returns
Eligible for Return, Refund or Replacement within 30 days of receipt
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Payment
Secure transaction
Your transaction is secure
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
Payment
Secure transaction
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
$37.50
FREE Returns
Minimal signs of wear. Ships direct from Amazon! Minimal signs of wear. Ships direct from Amazon! See less
FREE delivery Thursday, July 25. Order within 19 hrs 42 mins
Only 1 left in stock - order soon.
$$41.30 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$41.30
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Access codes and supplements are not guaranteed with used items.
Kindle app logo image

Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.

Read instantly on your browser with Kindle for Web.

Using your mobile phone camera - scan the code below and download the Kindle app.

QR code to download the Kindle App

Follow the authors

Michael Sikorski
Follow
Andrew Honig
Follow
Something went wrong. Please try your request again later.

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software 1st Edition

by Michael Sikorski (Author), Andrew Honig (Author)
4.8 4.8 out of 5 stars 566 ratings
See all formats and editions
{"desktop_buybox_group_1":[{"displayPrice":"$41.30","priceAmount":41.30,"currencySymbol":"$","integerValue":"41","decimalSeparator":".","fractionalValue":"30","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"Gfhm0xcMB3BfQwOeeWTQVaT6kqZixPxrPKv6VMUTFPAKSOrd5HKR2yhNCCe87z%2F7OiCncEc3oWHxF6zVZ7xFRlcQ4X5gw%2B0iOanaq8gXAjd4OpQNS0EEQW3YCwI%2FuTwdYkK21cOs7hfH8cyEK326rg%3D%3D","locale":"en-US","buyingOptionType":"NEW","aapiBuyingOptionIndex":0}, {"displayPrice":"$37.50","priceAmount":37.50,"currencySymbol":"$","integerValue":"37","decimalSeparator":".","fractionalValue":"50","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"Gfhm0xcMB3BfQwOeeWTQVaT6kqZixPxrCX%2BVkvIMvVs0ecNdB0Uyu6OwvYNK5bLesla4hXsPOPgCi%2Fp7PWJXQFa7pg7j3rNUnrm7%2BSr9wGfrItL6kb%2B6PGKVOHKb8X%2FaLDNnJevjhAFszVNmiuifkWeCm%2FxvLrepY3HLUASOenJLlujTgGXdVA%3D%3D","locale":"en-US","buyingOptionType":"USED","aapiBuyingOptionIndex":1}]}

Purchase options and add-ons

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:
–Set up a safe virtual environment to analyze malware
–Quickly extract network signatures and host-based indicators
–Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
–Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
–Use your newfound knowledge of Windows internals for malware analysis
–Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
–Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.
Previous slide of product details
  1. ISBN-10
    1593272901
  2. ISBN-13
    978-1593272906
  3. Edition
    1st
  4. Publisher
    No Starch Press
  5. Publication date
    February 1, 2012
  6. Language
    English
  7. Dimensions
    7.13 x 1.56 x 9.25 inches
  8. Print length
    800 pages
  9. See all details
Next slide of product details
Amazon First Reads | Editors' picks at exclusive prices

Frequently bought together

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
$41.30
Get it as soon as Wednesday, Jul 24
In Stock
Ships from and sold by Amazon.com.
+
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
$34.80
Get it as soon as Wednesday, Jul 24
Only 20 left in stock (more on the way).
Ships from and sold by Amazon.com.
+
The Ghidra Book: The Definitive Guide
$41.65
Get it as soon as Wednesday, Jul 24
In Stock
Ships from and sold by Amazon.com.
Total price:
To see our price, add these items to your cart.
Details
Added to Cart
spCSRF_Control
Some of these items ship sooner than the others.
Show details Hide details
Choose items to buy together.

Editorial Reviews

Amazon.com Review

Praise for Practical Malware Analysis

“The book every malware analyst should keep handy.”
--Richard Bejtlich, CSO, Mandiant & Founder of TaoSecurity

“An excellent crash course in malware analysis.”
--Dino Dai Zovi, Independent Security Consultant

“. . . the most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware.”
--Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School

“A hands-on introduction to malware analysis. I'd recommend it to anyone who wants to dissect Windows malware.”
--Ilfak Guilfanov, Creator of IDA Pro

“. . . a great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware.”
--Sebastian Porst, Google Software Engineer

“. . . brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike.”
--Danny Quist, PhD, Founder of Offensive Computing

“If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get.”
--Patrick Engbretson, IA Professor at Dakota State University and Author of The Basics of Hacking and Pen Testing

“. . . an excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze and understand malicious software.”
--Sal Stolfo, Professor, Columbia University

Review

"A hands-on introduction to malware analysis. I'd recommend it to anyone who wants to dissect Windows malware."
—Ilfak Guilfanov, Creator of IDA Pro

"The book every malware analyst should keep handy."
—Richard Bejtlich, CSO of Mandiant & Founder of TaoSecurity

"This book does exactly what it promises on the cover; it's crammed with detail and has an intensely practical approach, but it's well organised enough that you can keep it around as handy reference."
—Mary Branscombe, ZDNet

"If you're starting out in malware analysis, or if you are are coming to analysis from another discipline, I'd recommend having a nose."
—Paul Baccas, Naked Security from Sophos

"An excellent crash course in malware analysis."
—Dino Dai Zovi, Independent Security Consultant

"The most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware."
—Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School

"A great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware."
—Sebastian Porst, Google Software Engineer

"Brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike. I strongly believe this will become the defacto text for learning malware analysis in the future."
—Danny Quist, PhD, Founder of Offensive Computing

“An awesome book. . . written by knowledgeable authors who possess the rare gift of being able to communicate their knowledge through the written word.”
—Richard Austin, IEEE Cipher

"If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get."
—Patrick Engebretson, IA Professor at Dakota State University and Author of The Basics of Hacking and Pen Testing

"An excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze and understand malicious software."
—Sal Stolfo, Professor, Columbia University

"The explanation of the tools is clear, the presentation of the process is lucid, and the actual detective work fascinating. All presented clearly and hitting just the right level so that developers with no previous experience in this particular area can participate fully. Highly recommended."
—Dr. Dobb's

"This book is like having your very own personal malware analysis teacher without the expensive training costs."
—Dustin Schultz, TheXploit

"I highly recommend this book to anyone looking to get their feet wet in malware analysis or just looking for a good desktop reference on the subject."
—Pete Arzamendi, 403 Labs

“I do not see how anyone who has hands-on responsibility for security of Windows systems can rationalize not being familiar with these tools.”
—Stephen Northcutt, SANS Institute

"Practical Malware Analysis is another book that should be within reaching distance in anyone’s DFIR shop. I went ahead and purchased PMA hoping the book would improve my knowledge and skills when faced with malware. What I ended up with was knowledge, a process and tools I can use to analyze any program I encounter. PMA gets a five star review (5 out of 5)."
—Journey Into Incident Response

“Highly recommend it to those looking to enter the malware analysis field.”
—Linux Ninja

"If you are a beginner to this hacking field, then this book will be an excellent choice for you."
—Hackerzzz

"I cannot recommend it enough."
—Tony Robinson, Security Boulevard

Product details

  • Publisher ‏ : ‎ No Starch Press; 1st edition (February 1, 2012)
  • Language ‏ : ‎ English
  • Paperback ‏ : ‎ 800 pages
  • ISBN-10 ‏ : ‎ 1593272901
  • ISBN-13 ‏ : ‎ 978-1593272906
  • Item Weight ‏ : ‎ 3.41 pounds
  • Dimensions ‏ : ‎ 7.13 x 1.56 x 9.25 inches
  • Customer Reviews:
    4.8 4.8 out of 5 stars 566 ratings

About the authors

Follow authors to get new release updates, plus improved recommendations.
Previous page
  1. Michael Sikorski

    Michael Sikorski

    Brief content visible, double tap to read full content.
    Full content visible, double tap to read brief content.

    Discover more of the author’s books, see similar authors, read author blogs and more

    See more on the author's page
  2. Andrew Honig

    Andrew Honig

    Brief content visible, double tap to read full content.
    Full content visible, double tap to read brief content.

    Discover more of the author’s books, see similar authors, read author blogs and more

    See more on the author's page
Next page

Customer reviews

4.8 out of 5 stars
4.8 out of 5
566 global ratings

Customers say

Customers find the book's content valuable for completing assignments and the best book out there for malware analysis. They also say it's well-written and easy to follow along.

AI-generated from the text of customer reviews

Select to learn more
ContentReadability
48 customers mention "Content"48 positive0 negative

Customers find the book's content very in depth, helpful, and a great toolbox to explore malware. They say the information is easy to understand and read, and the book focuses little on theory. Readers also say the presentation of the material is fantastic.

"This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners...." Read more

"...PMA begins simply, starting with basic static and dynamic analysis. This also includes a discussion on setting up a virtual malware analysis lab...." Read more

"...It looks like they build on each other which will make it easy for someone to follow along and learn in steps...." Read more

"...First things first, this book has a great deal of excellent information. It's well written and thorough...." Read more

14 customers mention "Readability"14 positive0 negative

Customers find the book well written and easy to understand.

"This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners...." Read more

"...So far the first chapter reads well. Nothing too difficult for even a beginner to understand...." Read more

"...It's well written and thorough. The screen captures could be a bit better and larger...." Read more

"...It's well-written and the format of the exercises is great...." Read more

Top reviews from the United States

Jagness
5.0 out of 5 stars Great book if you know Assembly language
Reviewed in the United States on October 9, 2017
Verified Purchase
This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners.

At the very least, you must have a working understanding of Assembly language and the x86 architecture. With little exception, almost all advanced analysis occurs at the assembly level. The book does not spend time teaching assembly. It jumps right into the assembly code and takes off running. If you do not understand assembly code, don't even bother picking up this book (or attempting to be a malware analyst).

Secondly, you will need to have a solid understanding of the C programming language. Much of the assembly code you will be analyzing originated from a disassembled program originally written in C.

Your main home computer is not ideal for analyzing malware. In many cases, you have to actually run the malware to see what it does.Therefore, a virtualization environment is preferred. Unless you already have access to a virtualized lab, familiarity with VMware (or equivalent) is very helpful for setting up your own lab.

Experience with the Windows API, registry, DLLs, and basic file structure is also helpful. All of the sample malware is tailored for Windows computers. There is an entire chapter on the Windows API to get you up to speed if you only have a basic knowledge.

Basic knowledge of Linux is also helpful. There are a handful of analysis tools that are Linux based. You will need to have at least one Linux (virtual machine preferred) to perform some of the labs.

A basic understanding of TCP/IP networks is also good to have. Many of the malware files have a networking component.

Lacking any of these skill sets will make reading this book very difficult.

The best parts of this book are the labs at the end of the chapters. You will work on actual malware (slightly modified to be less dangerous) using tools and techniques learned in the corresponding chapter. The labs guide you through important parts of the malware, and there is a detailed explanation at the end of the book describing, in detail, how the malware does its thing and how you, as the analyst, can discover its secrets.

Most of the tools used in this book are widely available and free to use. A whole chapter is dedicated to the main tools so you get extra exposure to the important software you will be using as a professional analyst.
58 people found this helpful
Helpful
 Report
Chris Sanders
5.0 out of 5 stars The Essential Malware Analysis Book
Reviewed in the United States on February 19, 2014
Verified Purchase
Before I begin, I have to disclose that I am a Mandiant employee, but I don't work directly with the authors of this book, nor do I have any sort of personal relationship with them. I have also published two books with No Starch Press. While I don't analyze malware exclusively for my job, I've done a fair amount of it as an auxiliary function of my work mostly focused on network security monitoring. I've also taken the SANS FOR610 Reverse Engineering Malware course and am GREM certified. I'd consider myself an experienced, but not expert level malware analyst.

With that said, Practical Malware Analysis is one of my absolute favorite information security books. The topic of dissecting malware can be very daunting, as it requires a broad array of knowledge to be done effectively. You have to be able to interpret code, have a knowledge of internal system workings, and be able to read between the lines using an analysts intuition. I think this book does an excellent job relaying these concepts.

PMA begins simply, starting with basic static and dynamic analysis. This also includes a discussion on setting up a virtual malware analysis lab. This is often enough to determine if a file malicious on its own. After this, the book quickly jumps to more advanced static and dynamic analysis concepts. PMA covers a wide away of topics, and touches on most every aspect of dissecting modern malware. If you are a beginner, then you will get plenty to sink your teeth into without feeling completely overwhelmed. If you are more experienced, you will find plenty of coverage of advanced topics, such as dealing with malware that has built in anti-debugging features.

My favorite portion of PMA are the labs included with almost every chapter. The authors have taken the time to write custom "malware" and find existing malware samples that accompany each topic. These allow the reader to try out the skills they've just learned and then compare them against a set of answers in the back of the book. I wish more books did this.

I work from home, and at my house I have a big bookshelf in my closet and a smaller bookshelf next to my desk. The books I've read that I don't use often are in the closet bookshelf. The books I've read that I use really often stay on the smaller shelf next to the desk. Not only does Practical Malware Analysis sit on the smaller bookshelf, it sits on the top of it along side such greats as "TCP/IP Illustrated." I think that is the best praise I can give a technical book.

Simply put, If you want to learn how to analyze malware at a casual or advanced level, then PMA is THE book to purchase. Kudos to Sikorski and Honig on a job amazingly well done.
19 people found this helpful
Helpful
 Report
Danny Rogers
5.0 out of 5 stars Amazon review - ordering the book
Reviewed in the United States on March 8, 2014
Verified Purchase
I ordered the book (amazon states it is in stock) four days ago and it has not even processed for shipping because I chose free shipping. I was offered the chance to read the first chapter on-line which I do if I eat lunch at my desk.

So far the first chapter reads well. Nothing too difficult for even a beginner to understand. The author goes over the layout of the chapters and even summarizes which chapters are more beginner, intermediate, and advanced. It looks like they build on each other which will make it easy for someone to follow along and learn in steps.

Their competition - Barnes and Noble offer the same book with free same day shipping. Me thinks Amazon has just become too big of a company to provide the top service like they used to.

I'm not going to stop shopping at Amazon, but if I can get something at the same price that ships at the same price but ships sooner... that's a no brainer.

Ok my vent is over. Carry on.
Helpful
 Report

Top reviews from other countries

Translate all reviews to English
g
5.0 out of 5 stars Muy completo
Reviewed in Mexico on July 24, 2023
Verified Purchase
Libro muy completo y didactico
Report
MONDON A.
5.0 out of 5 stars Intéressant
Reviewed in France on January 10, 2024
Verified Purchase
Cadeau pour mon fils. Il faut être passionné par le sujet et c'est le cas!
One person found this helpful
 Report
Seb Now
5.0 out of 5 stars Awesome!
Reviewed in the United Kingdom on December 24, 2022
Verified Purchase
Just get it! It is a big book. Loads of stuff, but well writen and very helpful
Report
Mihail Gaberov
5.0 out of 5 stars Haven’t finished yet, but from I have read so far it’s definitely worth! I totally recommend it!
Reviewed in Spain on December 15, 2022
Verified Purchase
Customer image
Mihail Gaberov
5.0 out of 5 stars Haven’t finished yet, but from I have read so far it’s definitely worth! I totally recommend it!
Reviewed in Spain on December 15, 2022
Images in this review
Customer image
Customer image
Report
Laura
5.0 out of 5 stars Sehr gut
Reviewed in Germany on March 4, 2021
Verified Purchase
Das Buch gefällt mir bisher sehr gut, besonders, wenn man in das Thema einsteigt. Es gibt viele praktische Anwendungsmöglichkeiten, bei den Kapiteln zu Ida pro bin ich noch nicht sicher, ob man die praktischen Übungen auch mit der kostenlosen Version durchführen kann. Aber ich kann es trotzdem empfehlen, besonders für den Einstieg.
Report