Buy new:
-28% $43.12
Delivery Tuesday, October 1
Ships from: Amazon.com
Sold by: Amazon.com
$43.12 with 28 percent savings
List Price: $59.99
The List Price is the suggested retail price of a new product as provided by a manufacturer, supplier, or seller. Except for books, Amazon will display a List Price if the product was purchased by customers on Amazon or offered by other retailers at or above the List Price in at least the past 90 days. List prices may not necessarily reflect the product's prevailing market price.
Learn more
FREE International Returns
$9.65 Shipping & Import Charges to Canada Details

Shipping & Fee Details

Price $43.12
AmazonGlobal Shipping $7.39
Estimated Import Charges $2.26
Total $52.77

Delivery Tuesday, October 1. Order within 12 hrs 37 mins
In Stock
$$43.12 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$43.12
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Ships from
Amazon.com
Ships from
Amazon.com
Sold by
Amazon.com
Sold by
Amazon.com
Returns
30-day refund/replacement
30-day refund/replacement
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Returns
30-day refund/replacement
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Payment
Secure transaction
Your transaction is secure
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
Payment
Secure transaction
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
$34.50
FREE International Returns
Cover and edges show some wear from use and storage. May have a few markings and highlighting. Ships directly from Amazon. Great value for your money. Supplements such as CD's, codes, etc., where applicable, are not guaranteed for books listed as USED. Cover and edges show some wear from use and storage. May have a few markings and highlighting. Ships directly from Amazon. Great value for your money. Supplements such as CD's, codes, etc., where applicable, are not guaranteed for books listed as USED. See less
Delivery October 10 - 14
Or fastest delivery October 9 - 13
$$43.12 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$43.12
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Access codes and supplements are not guaranteed with used items.
Added to

Sorry, there was a problem.

There was an error retrieving your Wish Lists. Please try again.

Sorry, there was a problem.

List unavailable.
Kindle app logo image

Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.

Read instantly on your browser with Kindle for Web.

Using your mobile phone camera - scan the code below and download the Kindle app.

QR code to download the Kindle App

Follow the authors

Andrew Honig
Follow
Michael Sikorski
Follow
Something went wrong. Please try your request again later.

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software 1st Edition

by Michael Sikorski (Author), Andrew Honig (Author)
4.8 4.8 out of 5 stars 579 ratings
See all formats and editions
{"desktop_buybox_group_1":[{"displayPrice":"$43.12","priceAmount":43.12,"currencySymbol":"$","integerValue":"43","decimalSeparator":".","fractionalValue":"12","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"myXC3K6KqOd8IspMSNWrjebAoUQNKWYxcAUjBQULzNJR1U%2BR3r9PE8dZaDjRhAVBjTCrSQcTM9fckrS9uWQbKWKZI0XZztKZUeoC3s8vMLNBWyaBVCPaCXutwmzdeif%2FcmRAHSVrdJYsNQ4O0n5KRg%3D%3D","locale":"en-US","buyingOptionType":"NEW","aapiBuyingOptionIndex":0}, {"displayPrice":"$34.50","priceAmount":34.50,"currencySymbol":"$","integerValue":"34","decimalSeparator":".","fractionalValue":"50","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"myXC3K6KqOd8IspMSNWrjebAoUQNKWYxATeaSzqxGdqLwD2lxkDOMjbCFVY2iL1gb7iWpfcTpjv7%2BKPAQjC0oEBa6XKETyjDkcCdYwA862CHXZS0TTckiq0%2FoOy3yOxgv4AOJV%2FN%2BIn945VQ2ohRAW0Cccyis32DI6%2BLGriVgQ6uasi6zYwi0g%3D%3D","locale":"en-US","buyingOptionType":"USED","aapiBuyingOptionIndex":1}]}

Purchase options and add-ons

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:
–Set up a safe virtual environment to analyze malware
–Quickly extract network signatures and host-based indicators
–Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
–Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
–Use your newfound knowledge of Windows internals for malware analysis
–Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
–Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.
Previous slide of product details
  1. ISBN-10
    1593272901
  2. ISBN-13
    978-1593272906
  3. Edition
    1st
  4. Publisher
    No Starch Press
  5. Publication date
    February 1, 2012
  6. Language
    English
  7. Dimensions
    7.13 x 1.56 x 9.25 inches
  8. Print length
    800 pages
  9. See all details
Next slide of product details

Frequently bought together

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
This item: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
$43.12
In Stock
Ships from and sold by Amazon.com.
+
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
$34.80
In Stock
Ships from and sold by Amazon.com.
+
The Ghidra Book: The Definitive Guide
$37.74
In Stock
Ships from and sold by Amazon.com.
Total price: $00
To see our price, add these items to your cart.
Details
Added to Cart
spCSRF_Treatment
Choose items to buy together.

Customer reviews

4.8 out of 5 stars
579 global ratings

Customers say

Customers find the book very informative and a valuable reference for completing assignments. They say it explains everything, covers theory and hands-on application, and is a good read to get their feet wet.

AI-generated from the text of customer reviews

Select to learn more
Information qualityReadabilityReversing ability
48 customers mention "Information quality"48 positive0 negative

Customers find the book very informative and well-written. They say it provides knowledge of tools for analysis and helps them better understand malware. Readers also mention the book covers theory and hands-on application, and is extremely practically oriented.

"This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners...." Read more

"...PMA begins simply, starting with basic static and dynamic analysis. This also includes a discussion on setting up a virtual malware analysis lab...." Read more

"...First things first, this book has a great deal of excellent information. It's well written and thorough...." Read more

"...The value of the book is so great due to its thoroughness...." Read more

35 customers mention "Readability"35 positive0 negative

Customers find the book great and informative. They say it keeps their interest in reading and is a good read to get their feet wet. Readers also mention the exercises are well-written.

"Awesome book. Great explanations and labs that get you analyzing malware right from the start...." Read more

"...I can say I look forward to the exercises and it definately keeps my interest in reading so I know I will learn as much as I want to...." Read more

"...Just started reading it and got pulled into it. Received the book in perfect condition." Read more

"Awesome content and super well delivered, must have! It has been my best friend for my reverse engineering class." Read more

3 customers mention "Reversing ability"3 positive0 negative

Customers find the book a great introduction to reverse engineering. They say it provides a great breakdown of the assembly.

"Great intro to reversing (not only malware) with a great breakdown of assembly. Definitely now one of my go to reference books." Read more

"Great book for Reverse Engineering..." Read more

"Great intro..." Read more

Top reviews from the United States

Jagness
5.0 out of 5 stars Great book if you know Assembly language
Reviewed in the United States on October 9, 2017
Verified Purchase
This book is surprisingly easy to read and very informative - if you have an IT background. It is not, however, a book for beginners.

At the very least, you must have a working understanding of Assembly language and the x86 architecture. With little exception, almost all advanced analysis occurs at the assembly level. The book does not spend time teaching assembly. It jumps right into the assembly code and takes off running. If you do not understand assembly code, don't even bother picking up this book (or attempting to be a malware analyst).

Secondly, you will need to have a solid understanding of the C programming language. Much of the assembly code you will be analyzing originated from a disassembled program originally written in C.

Your main home computer is not ideal for analyzing malware. In many cases, you have to actually run the malware to see what it does.Therefore, a virtualization environment is preferred. Unless you already have access to a virtualized lab, familiarity with VMware (or equivalent) is very helpful for setting up your own lab.

Experience with the Windows API, registry, DLLs, and basic file structure is also helpful. All of the sample malware is tailored for Windows computers. There is an entire chapter on the Windows API to get you up to speed if you only have a basic knowledge.

Basic knowledge of Linux is also helpful. There are a handful of analysis tools that are Linux based. You will need to have at least one Linux (virtual machine preferred) to perform some of the labs.

A basic understanding of TCP/IP networks is also good to have. Many of the malware files have a networking component.

Lacking any of these skill sets will make reading this book very difficult.

The best parts of this book are the labs at the end of the chapters. You will work on actual malware (slightly modified to be less dangerous) using tools and techniques learned in the corresponding chapter. The labs guide you through important parts of the malware, and there is a detailed explanation at the end of the book describing, in detail, how the malware does its thing and how you, as the analyst, can discover its secrets.

Most of the tools used in this book are widely available and free to use. A whole chapter is dedicated to the main tools so you get extra exposure to the important software you will be using as a professional analyst.
60 people found this helpful
Helpful
 Report
Chris Sanders
5.0 out of 5 stars The Essential Malware Analysis Book
Reviewed in the United States on February 19, 2014
Verified Purchase
Before I begin, I have to disclose that I am a Mandiant employee, but I don't work directly with the authors of this book, nor do I have any sort of personal relationship with them. I have also published two books with No Starch Press. While I don't analyze malware exclusively for my job, I've done a fair amount of it as an auxiliary function of my work mostly focused on network security monitoring. I've also taken the SANS FOR610 Reverse Engineering Malware course and am GREM certified. I'd consider myself an experienced, but not expert level malware analyst.

With that said, Practical Malware Analysis is one of my absolute favorite information security books. The topic of dissecting malware can be very daunting, as it requires a broad array of knowledge to be done effectively. You have to be able to interpret code, have a knowledge of internal system workings, and be able to read between the lines using an analysts intuition. I think this book does an excellent job relaying these concepts.

PMA begins simply, starting with basic static and dynamic analysis. This also includes a discussion on setting up a virtual malware analysis lab. This is often enough to determine if a file malicious on its own. After this, the book quickly jumps to more advanced static and dynamic analysis concepts. PMA covers a wide away of topics, and touches on most every aspect of dissecting modern malware. If you are a beginner, then you will get plenty to sink your teeth into without feeling completely overwhelmed. If you are more experienced, you will find plenty of coverage of advanced topics, such as dealing with malware that has built in anti-debugging features.

My favorite portion of PMA are the labs included with almost every chapter. The authors have taken the time to write custom "malware" and find existing malware samples that accompany each topic. These allow the reader to try out the skills they've just learned and then compare them against a set of answers in the back of the book. I wish more books did this.

I work from home, and at my house I have a big bookshelf in my closet and a smaller bookshelf next to my desk. The books I've read that I don't use often are in the closet bookshelf. The books I've read that I use really often stay on the smaller shelf next to the desk. Not only does Practical Malware Analysis sit on the smaller bookshelf, it sits on the top of it along side such greats as "TCP/IP Illustrated." I think that is the best praise I can give a technical book.

Simply put, If you want to learn how to analyze malware at a casual or advanced level, then PMA is THE book to purchase. Kudos to Sikorski and Honig on a job amazingly well done.
19 people found this helpful
Helpful
 Report
Steven Lavoie
5.0 out of 5 stars Great exercises, well-written! The few typos are tracked online by the publisher.
Reviewed in the United States on December 2, 2014
Verified Purchase
I've been working through this book over the last year and I love it. It's well-written and the format of the exercises is great. You work through a bit of theory and explanation, go through a practical exercise and then you're told to explore an executable on your own and answer some questions. The back of the book then has author-provided answers to help you get all the answers you should have.

I had some experience with assembly and C/C++ already but nothing at a professional level. My primary lack of background was in networking but the author explained enough to at least tell me what to Google for when I needed more information.

There's a few typos but nothing I wasn't able to figure out on my own. Luckily, the publisher is tracking these and lists them here for you: http://www.nostarch.com/malware#updates.

Personally, I recommend running VMs. Set up an image with all the labs downloaded and saved somewhere. You'll want to revert to that snapshot before moving through the labs to ensure you're not mixing up potential system changes between labs. Sometimes, I like to go back to previous labs so I either saved snapshots after doing the lab or saved my altered binaries to a USB drive so I could reference them after reverting to the original snapshot.
6 people found this helpful
Helpful
 Report

Top reviews from other countries

Translate all reviews to English
g
5.0 out of 5 stars Muy completo
Reviewed in Mexico on July 24, 2023
Verified Purchase
Libro muy completo y didactico
Report
MONDON A.
5.0 out of 5 stars Intéressant
Reviewed in France on January 10, 2024
Verified Purchase
Cadeau pour mon fils. Il faut être passionné par le sujet et c'est le cas!
One person found this helpful
 Report
Seb Now
5.0 out of 5 stars Awesome!
Reviewed in the United Kingdom on December 24, 2022
Verified Purchase
Just get it! It is a big book. Loads of stuff, but well writen and very helpful
Report
Mihail Gaberov
5.0 out of 5 stars Haven’t finished yet, but from I have read so far it’s definitely worth! I totally recommend it!
Reviewed in Spain on December 15, 2022
Verified Purchase
Customer image
Mihail Gaberov
5.0 out of 5 stars Haven’t finished yet, but from I have read so far it’s definitely worth! I totally recommend it!
Reviewed in Spain on December 15, 2022
Images in this review
Customer image
Customer image
Report
Laura
5.0 out of 5 stars Sehr gut
Reviewed in Germany on March 4, 2021
Verified Purchase
Das Buch gefällt mir bisher sehr gut, besonders, wenn man in das Thema einsteigt. Es gibt viele praktische Anwendungsmöglichkeiten, bei den Kapiteln zu Ida pro bin ich noch nicht sicher, ob man die praktischen Übungen auch mit der kostenlosen Version durchführen kann. Aber ich kann es trotzdem empfehlen, besonders für den Einstieg.
Report