Practical Malware Analysis by Andrew Honig and Mike Sikorski:
I’m a proud owner of a signed copy by Andrew 😁
https://www.amazon.co.uk/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/
The above is the best book written on the subject.
I know it's fairly old but it's still the definitive work in malware analysis and is used as the standard book in cyber forensics university modules. There is no better place to start.
I devoured that one and the PowerShell one - really useful and practical stuff.
Right now I'm on Practical Malware Analysis.
And I'm eyeing Kevin Mitnick's Ghost in the Wires, Art of Invisibility and Art of Deception.
I’ve taken two extensive courses on malware analysis and they’re both based on the info in this book. It’s worth the investment. Even if you’re never going to get to the point where you’re breaking down binaries with IDA pro or Ghidra, it’s good to know basic static and dynamic analysis.
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software https://www.amazon.com/dp/1593272901/ref=cm_sw_r_cp_api_glt_i_PK2CE29QSFS1YC20D4PB
Start your malware analysis riiiight here:
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software https://smile.amazon.com/dp/1593272901/ref=cm_sw_r_cp_api_glt_fabc_GVVTE41HWPPG25D50HWM
It’s a super good book, a great primer on MA. Goes through setting up your environment and both basic and advanced static and dynamic analysis. It’s not dreadfully boring either.
This book is what I used in grad school. It goes through a lot of tools and techniques and has labs that you can download and try out. Just make sure to set up your VM with a good revert point once all your tools are downloaded. That said, I don't recommend looking for it on any free book torrent/download sites...
I did a graduate level course in Malware Analysis. Our textbook was Practical Malware Analysis, which I can't recommend enough! You may also be able to find a free version. The book goes step by step from basic static analysis to patching code with a debugger.
You're welcome. :) If you are truly interested, there is a pretty comprehensive book on practical malware analysis. I have never read it, but I assume it demands a solid knowledge of the above mentioned topics.
If you want to get a good grasp on malware analysis, check out this book. It has many great exercises that will teach you the ropes.
Check this out. Goes from really beginner level stuff to more experienced by the end of the first section. This book will answer all your questions about tools during all phases of forensic analysis. Hope it helps.
I would highly suggest picking up a copy of Practical Malware Analysis. You will notice patterns for the standard C code constructs: Conditional statements (IF), loops, switch cases, structs, data structures (e.g. linked lists).
Chapter 6 in that book will cover those types of details.
I dunno what to tell ya dude.
Read?
I'm not gonna sit here and play wet nurse and explain how modern tech works.
Research MVX. Look up multiflow execution. Read a paper on infection vector analysis.
Dude.... the fucking kill chain and how to find zero days in real time was published in fucking 2012..... you can't keep up with 3 years ago?
Seriously?
Your example still screamed, "Heuristics!" which is adorable if it wasn't abandoned as an obsolete model 4 years ago.
Here.... start here: http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
If you get through that, which is standard reading material in our industry, you will have a better understanding as to why you don't understand zero days.
Start off with python. I recommend codecademy just to get your feet wet. It doesn't dive into the theory that much, just play around with the python 2 course, no need to pay yet.
After that look around for some courses that interest you. There's a free youtube series called python for everybody that does a much better job explaining what is actually happening when using python and how to setup a developer environment.
There are also courses on Udemy (wait for sales to happen) that are pretty good. Z Security is a good starter and has a course that teaches Python while teaching you to write malware and other programs (https://www.udemy.com/course/learn-python-and-ethical-hacking-from-scratch/)
Once you're bored of Python, I recommend learning Linux commands and then bash scripting. TryHackMe has some great starter resources. If you have a student email you get a discount for the membership too if you want the paid stuff https://tryhackme.com/ . Play around with the different subjects to find out what you like. Networking, web app, malware, etc.
If you like web app, learn HTML and make a bare bones website, download Burp Suite and mess with PortSwigger Academy https://portswigger.net/web-security. If you like networking, try to complete boxes on Hack The Box https://www.hackthebox.eu/ . If you like programming and learning about malware, then learn assembly language and reverse engineering https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901 and the YouTube channel LiveOverflow.
Just a word of warning, Packt books are generally a bag of shit.
If you want to begin your journey in Malware Analysis, I highly recommend Practical Malware Analysis and go through the book with Sam Browne. The other book that I'd also recommend is Malware Analysis Cookbook.
PS: It also seems like this account is a shill-bot account for Humble Bundle.
This is the book I used to learn it. Practical Malware Analysis is a great resource to get started. With the purchase of the book, you get a code so you can download benign "malware" and get a hands on learning experience.
Yes, I test most of my software (even non-malicious) inside virtual machines.
If something goes wrong, you can easily revert any damage by using snapshots. Without VMs, I'd have destroyed more devices than I've ever owned, whether by accident or purposefully :) Virtual machines also give you the opportunity to emulate different architectures you may not have physical access to.
I really wish I could give you something better, but my knowledge mostly comes from testing stuff on my own and LOTS of googling. Google is seriously one of the most important tools available at your disposal.
I have not read any books on this topic. The closest thing that comes to my mind are channels like LiveOverflow, PwnFunction, Computerphile. I often see people recommending this book to everyone interested in malware and malware analysis.
One of the most important things in the whole cybersecurity field is to learn how to think like an attacker. This should come naturally with knowledge of your target operating system. From the example above, if you know the Windows Registry can be used to automatically run programs when Windows starts up, you can use this to your advantage and make your malware persistent across reboots.
Hope that helps :)
You can visit the following websites, which offer a malware analysis course for free.
Also buy the book "Practical Malware Analysis" as it is the standard for all malware analysts.
I'm not too sure if this is the sort of answer you're looking for because it appears that you are pretty new to all this but...
If you read these books, then you will know everything you need (ranked by reward to required effort ratio):
https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189
However, the books might be pretty difficult to understand with how much you currently know.
Which book is better for very beginners? https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/
or
https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
The book "Practical Malware Analysis" has a ton of labs and is pretty great, as is "The Practice of Network Security Monitoring". I basically have my current job from stuff I learned in those two books.
For anyone interested a good book to pick up is Practical Malware Analysis: https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
If you really want to learn about Windows malware, then you need to understand Windows internals, reverse engineering, x86 assembly and C++ at the very least.
Here are some books that cover some of this material: https://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_1?ie=UTF8&qid=1468521904&sr=8-1&keywords=practical+malware+analysis
The books are old and somewhat outdated, but still relevant.
Sorry for the late reply. I've been pretty busy.
Highly recommend:
http://www.amazon.ca/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
http://www.amazon.ca/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/
http://www.amazon.ca/IDA-Pro-Book-Unofficial-Disassembler/dp/1593272898/
Free stuff:
https://wiki.skullsecurity.org/index.php?title=Fundamentals
https://www.reddit.com/r/ReverseEngineering/top/?sort=top&t=all
http://beginners.re/
http://www.devttys0.com/
https://microcorruption.com/ - a fun 16-bit CTF
Fun game for learning ASM (cheap): http://store.steampowered.com/app/370360/
The best advice I can give going forward is learning Windows internals and learning x86 assembly to the best of your ability. Start working on binaries that use virtual machines, binaries that use packers and custom comms, etc. Learn how disassemblers work. Once you've done that look at other operating systems, then move onto different architectures, etc. etc.
Learn binary exploitation techniques, and write your own exploits. ROP chains give insight into how different assembly instructions can be interpreted at different offsets, heap exploitation gives you insight into heap management, etc. Everyone is moving onto IoT devices because they have little to no security, which makes them simple exploitation targets. E.g. http://www.routerpwn.com/
Anyways, that should keep you busy for a while :)
I don't know any book about malware writing, but I know some books about its analysis. Try to read this book. Also you may want to read some books about the WinAPI if you are interested in malware for Windows.
If you want to research distribution methods of malware (such as worms), you may want to read about exploits and binary vulnerabilities. In this case I recommend you read The Shellcoder's Handbook. Also you can find some useful courses about it on Coursera.
This is a pretty solid resource: Practical Malware Analysis - Amazon
http://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
Honestly, one of the best books I've read for malware analysis. Should give you a great jump into the field.