Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code - Softcover

About the Author

Michael Hale Ligh is a malicious code analyst at Verisign iDefense and Chief of Special Projects at MNIN Security.

Steven Adair is a member of the Shadowserver Foundation and frequently analyzes malware and tracks botnets. He also investigates cyber attacks of all kinds with an emphasis on those linked to cyber espionage.

Blake Hartstein is the author of multiple security tools and a Rapid Response Engineer at Verisign iDefense, where he responds to malware incidents.

Matthew Richard has authored numerous security tools and also ran a managed security service for banks and credit unions.

From the Back Cover

Powerful, step-by-step solutions to dozens of common threats

We called this a cookbook because each "recipe" presents both the ingredients and the steps you take to resolve a specific problem or research a given threat. On the DVD, you'll find supporting files and original programs that provide additional resources. You'll learn how to analyze malware using tools written by the authors as well as hundreds of other publicly available tools. If your job involves incident response, computer forensics, systems security, or antivirus research, this book will become invaluable to you.

• Learn to conduct online investigations without revealing your identity

• Use honeypots to collect malware being distributed by bots and worms

• Analyze JavaScript, PDFs, and Office documents for suspicious content

• Build a low-budget malware lab with virtualization or bare bones hardware

• Reverse engineer common encoding and encryption algorithms

• Set up an advanced memory forensics platform for malware analysis

• Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!

On the DVD

Use the files on the DVD to follow along with the recipes or to conduct your own investigations and analyses. You will find:

• Evidence files

• Annotated videos

• Source code

• Windows and Linux tools

• Over 50 original programs in Python, C/C++, and Perl

"The most useful technical security book I've read this year. A must-have for all who protect systems from malicious software."
―Lenny Zeltser, Security Practice Director at Savvis and Senior Faculty Member at SANS Institute

"The ultimate guide for anyone interested in malware analysis."
―Ryan Olson, Director, VeriSign iDefense Rapid Response Team

"Every page is filled with practical malware knowledge, innovative ideas, and useful tools. Worth its weight in gold!"
―AAron Walters, Lead Developer of Volatility and VP of Security R&D at Terremark

From the Inside Flap

Powerful, step-by-step solutions to dozens of common threats

We called this a cookbook because each "recipe" presents both the ingredients and the steps you take to resolve a specific problem or research a given threat. On the DVD, you'll find supporting files and original programs that provide additional resources. You'll learn how to analyze malware using tools written by the authors as well as hundreds of other publicly available tools. If your job involves incident response, computer forensics, systems security, or antivirus research, this book will become invaluable to you.

• Learn to conduct online investigations without revealing your identity

• Use honeypots to collect malware being distributed by bots and worms

• Analyze JavaScript, PDFs, and Office documents for suspicious content

• Build a low-budget malware lab with virtualization or bare bones hardware

• Reverse engineer common encoding and encryption algorithms

• Set up an advanced memory forensics platform for malware analysis

• Investigate prevalent threats such as Zeus, Silent Banker, CoreFlood, Conficker, Virut, Clampi, Bankpatch, BlackEnergy, and many more!

On the DVD

Use the files on the DVD to follow along with the recipes or to conduct your own investigations and analyses. You will find:

• Evidence files

• Annotated videos

• Source code

• Windows and Linux tools

• Over 50 original programs in Python, C/C++, and Perl

"The most useful technical security book I've read this year. A must-have for all who protect systems from malicious software."
—Lenny Zeltser, Security Practice Director at Savvis and Senior Faculty Member at SANS Institute

"The ultimate guide for anyone interested in malware analysis."
—Ryan Olson, Director, VeriSign iDefense Rapid Response Team

"Every page is filled with practical malware knowledge, innovative ideas, and useful tools. Worth its weight in gold!"
—AAron Walters, Lead Developer of Volatility and VP of Security R&D at Terremark