Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats - Couverture souple
Synopsis
Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.
We’re all aware of Stuxnet, ShadowHammer, Sunburst, and similar attacks that use evasion to remain hidden while defending themselves from detection and analysis. Because advanced threats like these can adapt and, in some cases, self-destruct to evade detection, even the most seasoned investigators can use a little help with analysis now and then. Evasive Malware will introduce you to the evasion techniques used by today’s malicious software and show you how to defeat them.
Following a crash course on using static and dynamic code analysis to uncover malware’s true intentions, you’ll learn how malware weaponizes context awareness to detect and skirt virtual machines and sandboxes, plus the various tricks it uses to thwart analysis tools. You’ll explore the world of anti-reversing, from anti-disassembly methods and debugging interference to covert code execution and misdirection tactics. You’ll also delve into defense evasion, from process injection and rootkits to fileless malware. Finally, you’ll dissect encoding, encryption, and the complexities of malware obfuscators and packers to uncover the evil within.
You’ll learn how malware:
- Abuses legitimate components of Windows, like the Windows API and LOLBins, to run undetected
- Uses environmental quirks and context awareness, like CPU timing and hypervisor enumeration, to detect attempts at analysis
- Bypasses network and endpoint defenses using passive circumvention techniques, like obfuscation and mutation, and active techniques, like unhooking and tampering
- Detects debuggers and circumvents dynamic and static code analysis
You’ll also find tips for building a malware analysis lab and tuning it to better counter anti-analysis techniques in malware. Whether you’re a frontline defender, a forensic analyst, a detection engineer, or a researcher, Evasive Malware will arm you with the knowledge and skills you need to outmaneuver the stealthiest of today’s cyber adversaries.
Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.
À propos de l?auteur
Kyle Cucci has over 17 years in cybersecurity and IT, including roles as a malware analyst and detection engineer with Proofpoint’s Threat Research team and leader of the forensic investigations and malware research teams at Deutsche Bank. Cucci regularly speaks at security conferences and has led international trainings and workshops on topics such as malware analysis and security engineering. In his free time, Cucci enjoys contributing to the community via open source tooling, research, and blogging.
Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.
Résultats de recherche pour Evasive Malware: A Field Guide to Detecting, Analyzing,...
Image d'archives
Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats
Vendeur : Red's Corner LLC, Tucker, GA, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Paperback. Etat : New. This is a new book. All orders ship by next business day! We are a small company and very thankful for your business! N° de réf. du vendeur mon0000057758
Acheter neuf
EUR 37,25
Expédition à EUR 3,43
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image fournie par le vendeur
Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats
Edité par
No Starch Press, 2024
ISBN 10 : 1718503261
ISBN 13 : 9781718503267
Ancien ou d'occasion
Couverture souple
Vendeur : Goodwill Books, Hillsboro, OR, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : good. Signs of wear and consistent use. N° de réf. du vendeur GICWV.1718503261.G
Acheter D'occasion
EUR 37,45
Expédition à EUR 3,42
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image fournie par le vendeur
Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats
Edité par
No Starch Press, 2024
ISBN 10 : 1718503261
ISBN 13 : 9781718503267
Ancien ou d'occasion
Couverture souple
Vendeur : MERS Goodwill, Saint Louis, MO, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : acceptable. Used - Acceptable: All pages and the cover are intact, but shrink wrap, dust covers, or boxed set case may be missing. Pages may include limited notes, highlighting, or minor water damage but the text is readable. Pages may include limited notes and highlighting, but the text cannot be obscured or unreadable. Any access codes or passwords originally included with the book may be expired, used or no longer valid. Image is stock photo and cover art edition may be different than pictured. N° de réf. du vendeur MERV.1718503261.A
Acheter D'occasion
EUR 40,98
Expédition à EUR 3,43
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image d'archives
Evasive Malware (Paperback)
Edité par
No Starch Press,US, San Francisco, 2024
ISBN 10 : 1718503261
ISBN 13 : 9781718503267
Neuf
Paperback
Vendeur : Grand Eagle Retail, Bensenville, IL, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Paperback. Etat : new. Paperback. Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.We're all aware of Stuxnet, ShadowHammer, Sunburst, and similar attacks that use evasion to remain hidden while defending themselves from detection and analysis. Because advanced threats like these can adapt and, in some cases, self-destruct to evade detection, even the most seasoned investigators can use a little help with analysis now and then. Evasive Malware will introduce you to the evasion techniques used by today's malicious software and show you how to defeat them.Following a crash course on using static and dynamic code analysis to uncover malware's true intentions, you'll learn how malware weaponizes context awareness to detect and skirt virtual machines and sandboxes, plus the various tricks it uses to thwart analysis tools. You'll explore the world of anti-reversing, from anti-disassembly methods and debugging interference to covert code execution and misdirection tactics. You'll also delve into defense evasion, from process injection and rootkits to fileless malware. Finally, you'll dissect encoding, encryption, and the complexities of malware obfuscators and packers to uncover the evil within.You'll learn how malware-Abuses legitimate components of Windows, like the Windows API and LOLBins, to run undetectedUses environmental quirks and context awareness, like CPU timing and hypervisor enumeration, to detect attempts at analysisBypasses network and endpoint defenses using passive circumvention techniques, like obfuscation and mutation, and active techniques, like unhooking and tamperingDetects debuggers and circumvents dynamic and static code analysisYou'll also find tips for building a malware analysis lab and tuning it to better counter anti-analysis techniques in malware. Whether you're a frontline defender, a forensic analyst, a detection engineer, or a researcher, Evasive Malware will arm you with the knowledge and skills you need to outmaneuver the stealthiest of today's cyber adversaries. Shipping may be from multiple locations in the US or from the UK, depending on stock availability. N° de réf. du vendeur 9781718503267
Acheter neuf
EUR 47,71
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image fournie par le vendeur
Evasive Malware : Understanding Deceptive and Self-defending Threats
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur 45806572-n
Acheter neuf
EUR 47,05
Expédition à EUR 2,27
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 3 disponible(s)
Image fournie par le vendeur
Evasive Malware : Understanding Deceptive and Self-defending Threats
Edité par
No Starch Press, 2024
ISBN 10 : 1718503261
ISBN 13 : 9781718503267
Ancien ou d'occasion
Couverture souple
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : As New. Unread book in perfect condition. N° de réf. du vendeur 45806572
Acheter D'occasion
EUR 48,06
Expédition à EUR 2,27
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 3 disponible(s)
Image fournie par le vendeur
Evasive Malware
Vendeur : Rarewaves USA, OSWEGO, IL, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Paperback. Etat : New. Dive into the fascinating and terrifying world of evasive malware - malicious software designed to avoid detection. The first of its kind, this thorough introduction is full of practical information, real-world examples, and cutting-edge techniques for discovering, reverse-engineering, and analysing state-of-the-art malware. Beginning with foundational knowledge about malware analysis in the context of the Windows OS, you'll learn about the evasive manoeuvres that malware programs use to determine whether they're being analysed and the tricks they employ to avoid detection. You'll explore the ways malware circumvents security controls, such as network or endpoint defence bypasses, anti-forensics techniques, and malware that deploys data and code obfuscation. At the end of the book, you'll build your very own anti-evasion analysis lab. You'll learn: Modern evasive malware threats, anti-analysis techniques used in malware, how malware bypasses and circumvents security controls, how malware uses victim targeting and profiling techniques, how malware uses anti-forensics and file-less techniques, how to perform malware analysis and reverse engineering on evasive programs. N° de réf. du vendeur LU-9781718503267
Acheter neuf
EUR 52,48
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image d'archives
Evasive Malware
Vendeur : Books Puddle, New York, NY, Etats-Unis
Évaluation du vendeur 4 sur 5 étoiles
Etat : New. N° de réf. du vendeur 26396352193
Acheter neuf
EUR 56,23
Expédition à EUR 3,42
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 3 disponible(s)
Image d'archives
Evasive Malware
Vendeur : PBShop.store UK, Fairford, GLOS, Royaume-Uni
Évaluation du vendeur 4 sur 5 étoiles
PAP. Etat : New. New Book. Shipped from UK. Established seller since 2000. N° de réf. du vendeur EB-9781718503267
Acheter neuf
EUR 53,91
Expédition à EUR 7,79
Expédition depuis Royaume-Uni vers Etats-Unis
Expédition depuis Royaume-Uni vers Etats-Unis
Quantité disponible : 15 disponible(s)
Image d'archives
Evasive Malware
Vendeur : Kennys Bookshop and Art Galleries Ltd., Galway, GY, Irlande
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur V9781718503267
Acheter neuf
EUR 59,71
Expédition à EUR 10,50
Expédition depuis Irlande vers Etats-Unis
Expédition depuis Irlande vers Etats-Unis
Quantité disponible : 1 disponible(s)