
E-book: Practical Malware Analysis

4.48/5 (1145 ratings on Goodreads)
  • Format: EPUB+DRM
  • Publication date: 01-Feb-2012
  • Publisher: No Starch Press, US
  • Language: English
  • ISBN-13: 9781593274306
  • Price: 43.04 €*
  • * The price is final, i.e. no further discounts apply.
  • This e-book is for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You will also need to create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorised with the same Adobe ID).

    Required software
    To read on a mobile device (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (this is a free application specifically for reading e-books; do not confuse it with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring. For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:

  • Set up a safe virtual environment to analyze malware
  • Quickly extract network signatures and host-based indicators
  • Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
  • Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
  • Use your newfound knowledge of Windows internals for malware analysis
  • Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
  • Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.

Reviews

"A hands-on introduction to malware analysis. I'd recommend it to anyone who wants to dissect Windows malware." Ilfak Guilfanov, Creator of IDA Pro

"The book every malware analyst should keep handy." Richard Bejtlich, CSO of Mandiant & Founder of TaoSecurity

"This book does exactly what it promises on the cover; it's crammed with detail and has an intensely practical approach, but it's well organised enough that you can keep it around as handy reference." Mary Branscombe, ZDNet

"If you're starting out in malware analysis, or if you are coming to analysis from another discipline, I'd recommend having a nose." Paul Baccas, Naked Security from Sophos

"An excellent crash course in malware analysis." Dino Dai Zovi, Independent Security Consultant

"The most comprehensive guide to analysis of malware, offering detailed coverage of all the essential skills required to understand the specific challenges presented by modern malware." Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School

"A great introduction to malware analysis. All chapters contain detailed technical explanations and hands-on lab exercises to get you immediate exposure to real malware." Sebastian Porst, Google Software Engineer

"Brings reverse engineering to readers of all skill levels. Technically rich and accessible, the labs will lead you to a deeper understanding of the art and science of reverse engineering. I strongly recommend this book for beginners and experts alike. I strongly believe this will become the defacto text for learning malware analysis in the future." Danny Quist, PhD, Founder of Offensive Computing

"An awesome book... written by knowledgeable authors who possess the rare gift of being able to communicate their knowledge through the written word." Richard Austin, IEEE Cipher

"If you only read one malware book or are looking to break into the world of malware analysis, this is the book to get." Patrick Engebretson, IA Professor at Dakota State University and Author of The Basics of Hacking and Pen Testing

"An excellent addition to the course materials for an advanced graduate level course on Software Security or Intrusion Detection Systems. The labs are especially useful to students in teaching the methods to reverse engineer, analyze and understand malicious software." Sal Stolfo, Professor, Columbia University

"The explanation of the tools is clear, the presentation of the process is lucid, and the actual detective work fascinating. All presented clearly and hitting just the right level so that developers with no previous experience in this particular area can participate fully. Highly recommended." Dr. Dobb's

"This book is like having your very own personal malware analysis teacher without the expensive training costs." Dustin Schultz, TheXploit

"I highly recommend this book to anyone looking to get their feet wet in malware analysis or just looking for a good desktop reference on the subject." Pete Arzamendi, 403 Labs

"I do not see how anyone who has hands-on responsibility for security of Windows systems can rationalize not being familiar with these tools." Stephen Northcutt, SANS Institute

"Practical Malware Analysis is another book that should be within reaching distance in anyone's DFIR shop. I went ahead and purchased PMA hoping the book would improve my knowledge and skills when faced with malware. What I ended up with was knowledge, a process and tools I can use to analyze any program I encounter. PMA gets a five star review (5 out of 5)." Journey Into Incident Response

"Highly recommend it to those looking to enter the malware analysis field." Linux Ninja

"If you are a beginner to this hacking field, then this book will be an excellent choice for you." Hackerzzz

"I cannot recommend it enough." Tony Robinson, Security Boulevard

Contents (each entry gives the start page and, in parentheses, the number of pages)

About the Authors  xix
About the Technical Reviewer  xx
About the Contributing Authors  xx
Foreword (Richard Bejtlich)  xxi
Acknowledgments  xxv
  Individual Thanks  xxv
Introduction  xxvii
  What Is Malware Analysis?  xxviii
  Prerequisites  xxviii
  Practical, Hands-On Learning  xxix
  What's in the Book?  xxx
0 Malware Analysis Primer  1 (8)
  The Goals of Malware Analysis  1 (1)
  Malware Analysis Techniques  2 (1)
  Basic Static Analysis  2 (1)
  Basic Dynamic Analysis  2 (1)
  Advanced Static Analysis  3 (1)
  Advanced Dynamic Analysis  3 (1)
  Types of Malware  3 (2)
  General Rules for Malware Analysis  5 (4)
PART 1 BASIC ANALYSIS
1 Basic Static Techniques  9 (20)
  Antivirus Scanning: A Useful First Step  10 (1)
  Hashing: A Fingerprint for Malware  10 (1)
  Finding Strings  11 (2)
  Packed and Obfuscated Malware  13 (1)
  Packing Files  13 (1)
  Detecting Packers with PEiD  14 (1)
  Portable Executable File Format  14 (1)
  Linked Libraries and Functions  15 (3)
  Static, Runtime, and Dynamic Linking  15 (1)
  Exploring Dynamically Linked Functions with Dependency Walker  16 (2)
  Imported Functions  18 (1)
  Exported Functions  18 (1)
  Static Analysis in Practice  18 (3)
  PotentialKeylogger.exe: An Unpacked Executable  18 (3)
  PackedProgram.exe: A Dead End  21 (1)
  The PE File Headers and Sections  21 (5)
  Examining PE Files with PEview  22 (3)
  Viewing the Resource Section with Resource Hacker  25 (1)
  Using Other PE File Tools  26 (1)
  PE Header Summary  26 (1)
  Conclusion  26 (1)
  Labs  27 (2)
2 Malware Analysis in Virtual Machines  29 (10)
  The Structure of a Virtual Machine  30 (1)
  Creating Your Malware Analysis Machine  31 (3)
  Configuring VMware  31 (3)
  Using Your Malware Analysis Machine  34 (2)
  Connecting Malware to the Internet  34 (1)
  Connecting and Disconnecting Peripheral Devices  34 (1)
  Taking Snapshots  35 (1)
  Transferring Files from a Virtual Machine  36 (1)
  The Risks of Using VMware for Malware Analysis  36 (1)
  Record/Replay: Running Your Computer in Reverse  37 (1)
  Conclusion  37 (2)
3 Basic Dynamic Analysis  39 (26)
  Sandboxes: The Quick-and-Dirty Approach  40 (2)
  Using a Malware Sandbox  40 (1)
  Sandbox Drawbacks  41 (1)
  Running Malware  42 (1)
  Monitoring with Process Monitor  43 (4)
  The Procmon Display  44 (1)
  Filtering in Procmon  44 (3)
  Viewing Processes with Process Explorer  47 (3)
  The Process Explorer Display  47 (1)
  Using the Verify Option  48 (1)
  Comparing Strings  49 (1)
  Using Dependency Walker  49 (1)
  Analyzing Malicious Documents  50 (1)
  Comparing Registry Snapshots with Regshot  50 (1)
  Faking a Network  51 (2)
  Using ApateDNS  51 (1)
  Monitoring with Netcat  52 (1)
  Packet Sniffing with Wireshark  53 (2)
  Using INetSim  55 (1)
  Basic Dynamic Tools in Practice  56 (4)
  Conclusion  60 (1)
  Labs  61 (4)
PART 2 ADVANCED STATIC ANALYSIS
4 A Crash Course in x86 Disassembly  65 (22)
  Levels of Abstraction  66 (1)
  Reverse-Engineering  67 (1)
  The x86 Architecture  68 (17)
  Main Memory  69 (1)
  Instructions  69 (1)
  Opcodes and Endianness  70 (1)
  Operands  70 (1)
  Registers  71 (2)
  Simple Instructions  73 (4)
  The Stack  77 (3)
  Conditionals  80 (1)
  Branching  80 (1)
  Rep Instructions  81 (2)
  C Main Method and Offsets  83 (2)
  More Information: Intel x86 Architecture Manuals  85 (1)
  Conclusion  85 (2)
5 IDA Pro  87 (22)
  Loading an Executable  88 (1)
  The IDA Pro Interface  89 (6)
  Disassembly Window Modes  89 (2)
  Useful Windows for Analysis  91 (1)
  Returning to the Default View  92 (1)
  Navigating IDA Pro  92 (2)
  Searching  94 (1)
  Using Cross-References  95 (2)
  Code Cross-References  95 (1)
  Data Cross-References  96 (1)
  Analyzing Functions  97 (1)
  Using Graphing Options  98 (2)
  Enhancing Disassembly  100 (3)
  Renaming Locations  100 (1)
  Comments  100 (1)
  Formatting Operands  100 (2)
  Using Named Constants  102 (1)
  Redefining Code and Data  103 (1)
  Extending IDA with Plug-ins  103 (3)
  Using IDC Scripts  104 (1)
  Using IDAPython  105 (1)
  Using Commercial Plug-ins  106 (1)
  Conclusion  106 (1)
  Labs  107 (2)
6 Recognizing C Code Constructs in Assembly  109 (26)
  Global vs. Local Variables  110 (2)
  Disassembling Arithmetic Operations  112 (1)
  Recognizing if Statements  113 (3)
  Analyzing Functions Graphically with IDA Pro  114 (1)
  Recognizing Nested if Statements  114 (2)
  Recognizing Loops  116 (3)
  Finding for Loops  116 (2)
  Finding while Loops  118 (1)
  Understanding Function Call Conventions  119 (2)
  cdecl  119 (1)
  stdcall  120 (1)
  fastcall  120 (1)
  Push vs. Move  120 (1)
  Analyzing switch Statements  121 (6)
  If Style  122 (1)
  Jump Table  123 (4)
  Disassembling Arrays  127 (1)
  Identifying Structs  128 (2)
  Analyzing Linked List Traversal  130 (2)
  Conclusion  132 (1)
  Labs  133 (2)
7 Analyzing Malicious Windows Programs  135 (32)
  The Windows API  136 (3)
  Types and Hungarian Notation  136 (1)
  Handles  137 (1)
  File System Functions  137 (1)
  Special Files  138 (1)
  The Windows Registry  139 (4)
  Registry Root Keys  140 (1)
  Regedit  140 (1)
  Programs that Run Automatically  140 (1)
  Common Registry Functions  141 (1)
  Analyzing Registry Code in Practice  141 (1)
  Registry Scripting with .reg Files  142 (1)
  Networking APIs  143 (2)
  Berkeley Compatible Sockets  143 (1)
  The Server and Client Sides of Networking  144 (1)
  The WinINet API  145 (1)
  Following Running Malware  145 (13)
  DLLs  145 (2)
  Processes  147 (2)
  Threads  149 (2)
  Interprocess Coordination with Mutexes  151 (1)
  Services  152 (2)
  The Component Object Model  154 (3)
  Exceptions: When Things Go Wrong  157 (1)
  Kernel vs. User Mode  158 (1)
  The Native API  159 (2)
  Conclusion  161 (1)
  Labs  162 (5)
PART 3 ADVANCED DYNAMIC ANALYSIS
8 Debugging  167 (12)
  Source-Level vs. Assembly-Level Debuggers  168 (1)
  Kernel vs. User-Mode Debugging  168 (1)
  Using a Debugger  169 (6)
  Single-Stepping  169 (1)
  Stepping-Over vs. Stepping-Into  170 (1)
  Pausing Execution with Breakpoints  171 (4)
  Exceptions  175 (2)
  First- and Second-Chance Exceptions  176 (1)
  Common Exceptions  176 (1)
  Modifying Execution with a Debugger  177 (1)
  Modifying Program Execution in Practice  177 (1)
  Conclusion  178 (1)
9 OllyDbg  179 (26)
  Loading Malware  180 (1)
  Opening an Executable  180 (1)
  Attaching to a Running Process  181 (1)
  The OllyDbg Interface  181 (2)
  Memory Map  183 (2)
  Rebasing  184 (1)
  Viewing Threads and Stacks  185 (1)
  Executing Code  186 (2)
  Breakpoints  188 (3)
  Software Breakpoints  188 (1)
  Conditional Breakpoints  189 (1)
  Hardware Breakpoints  190 (1)
  Memory Breakpoints  190 (1)
  Loading DLLs  191 (1)
  Tracing  192 (2)
  Standard Back Trace  192 (1)
  Call Stack  193 (1)
  Run Trace  193 (1)
  Tracing Poison Ivy  193 (1)
  Exception Handling  194 (1)
  Patching  195 (1)
  Analyzing Shellcode  196 (1)
  Assistance Features  197 (1)
  Plug-ins  197 (3)
  OllyDump  198 (1)
  Hide Debugger  198 (1)
  Command Line  198 (1)
  Bookmarks  199 (1)
  Scriptable Debugging  200 (1)
  Conclusion  201 (1)
  Labs  202 (3)
10 Kernel Debugging with WinDbg  205 (26)
  Drivers and Kernel Code  206 (1)
  Setting Up Kernel Debugging  207 (3)
  Using WinDbg  210 (2)
  Reading from Memory  210 (1)
  Using Arithmetic Operators  211 (1)
  Setting Breakpoints  211 (1)
  Listing Modules  212 (1)
  Microsoft Symbols  212 (3)
  Searching for Symbols  212 (1)
  Viewing Structure Information  213 (2)
  Configuring Windows Symbols  215 (1)
  Kernel Debugging in Practice  215 (6)
  Looking at the User-Space Code  215 (2)
  Looking at the Kernel-Mode Code  217 (3)
  Finding Driver Objects  220 (1)
  Rootkits  221 (5)
  Rootkit Analysis in Practice  222 (3)
  Interrupts  225 (1)
  Loading Drivers  226 (1)
  Kernel Issues for Windows Vista, Windows 7, and x64 Versions  226 (1)
  Conclusion  227 (1)
  Labs  228 (3)
PART 4 MALWARE FUNCTIONALITY
11 Malware Behavior  231 (22)
  Downloaders and Launchers  231 (1)
  Backdoors  232 (2)
  Reverse Shell  232 (1)
  RATs  233 (1)
  Botnets  234 (1)
  RATs and Botnets Compared  234 (1)
  Credential Stealers  234 (7)
  GINA Interception  235 (1)
  Hash Dumping  236 (2)
  Keystroke Logging  238 (3)
  Persistence Mechanisms  241 (4)
  The Windows Registry  241 (2)
  Trojanized System Binaries  243 (1)
  DLL Load-Order Hijacking  244 (1)
  Privilege Escalation  245 (2)
  Using SeDebugPrivilege  246 (1)
  Covering Its Tracks: User-Mode Rootkits  247 (3)
  IAT Hooking  248 (1)
  Inline Hooking  248 (2)
  Conclusion  250 (1)
  Labs  251 (2)
12 Covert Malware Launching  253 (16)
  Launchers  253 (1)
  Process Injection  254 (3)
  DLL Injection  254 (3)
  Direct Injection  257 (1)
  Process Replacement  257 (2)
  Hook Injection  259 (3)
  Local and Remote Hooks  260 (1)
  Keyloggers Using Hooks  260 (1)
  Using SetWindowsHookEx  260 (1)
  Thread Targeting  261 (1)
  Detours  262 (1)
  APC Injection  262 (3)
  APC Injection from User Space  263 (1)
  APC Injection from Kernel Space  264 (1)
  Conclusion  265 (1)
  Labs  266 (3)
13 Data Encoding  269 (28)
  The Goal of Analyzing Encoding Algorithms  270 (1)
  Simple Ciphers  270 (10)
  Caesar Cipher  270 (1)
  XOR  271 (5)
  Other Simple Encoding Schemes  276 (1)
  Base64  277 (3)
  Common Cryptographic Algorithms  280 (5)
  Recognizing Strings and Imports  281 (1)
  Searching for Cryptographic Constants  282 (1)
  Searching for High-Entropy Content  283 (2)
  Custom Encoding  285 (3)
  Identifying Custom Encoding  285 (3)
  Advantages of Custom Encoding to the Attacker  288 (1)
  Decoding  288 (6)
  Self-Decoding  288 (1)
  Manual Programming of Decoding Functions  289 (2)
  Using Instrumentation for Generic Decryption  291 (3)
  Conclusion  294 (1)
  Labs  295 (2)
14 Malware-Focused Network Signatures  297 (30)
  Network Countermeasures  297 (3)
  Observing the Malware in Its Natural Habitat  298 (1)
  Indications of Malicious Activity  298 (1)
  OPSEC = Operations Security  299 (1)
  Safely Investigate an Attacker Online  300 (2)
  Indirection Tactics  300 (1)
  Getting IP Address and Domain Information  300 (2)
  Content-Based Network Countermeasures  302 (5)
  Intrusion Detection with Snort  303 (1)
  Taking a Deeper Look  304 (3)
  Combining Dynamic and Static Analysis Techniques  307 (14)
  The Danger of Overanalysis  308 (1)
  Hiding in Plain Sight  308 (4)
  Understanding Surrounding Code  312 (1)
  Finding the Networking Code  313 (1)
  Knowing the Sources of Network Content  314 (1)
  Hard-Coded Data vs. Ephemeral Data  314 (1)
  Identifying and Leveraging the Encoding Steps  315 (2)
  Creating a Signature  317 (1)
  Analyze the Parsing Routines  318 (2)
  Targeting Multiple Elements  320 (1)
  Understanding the Attacker's Perspective  321 (1)
  Conclusion  322 (1)
  Labs  323 (4)
PART 5 ANTI-REVERSE-ENGINEERING
15 Anti-Disassembly  327 (24)
  Understanding Anti-Disassembly  328 (1)
  Defeating Disassembly Algorithms  329 (5)
  Linear Disassembly  329 (2)
  Flow-Oriented Disassembly  331 (3)
  Anti-Disassembly Techniques  334 (6)
  Jump Instructions with the Same Target  334 (2)
  A Jump Instruction with a Constant Condition  336 (1)
  Impossible Disassembly  337 (3)
  NOP-ing Out Instructions with IDA Pro  340 (1)
  Obscuring Flow Control  340 (7)
  The Function Pointer Problem  340 (2)
  Adding Missing Code Cross-References in IDA Pro  342 (1)
  Return Pointer Abuse  342 (2)
  Misusing Structured Exception Handlers  344 (3)
  Thwarting Stack-Frame Analysis  347 (2)
  Conclusion  349 (1)
  Labs  350 (1)
16 Anti-Debugging  351 (18)
  Windows Debugger Detection  352 (4)
  Using the Windows API  352 (1)
  Manually Checking Structures  353 (3)
  Checking for System Residue  356 (1)
  Identifying Debugger Behavior  356 (3)
  INT Scanning  357 (1)
  Performing Code Checksums  357 (1)
  Timing Checks  357 (2)
  Interfering with Debugger Functionality  359 (4)
  Using TLS Callbacks  359 (2)
  Using Exceptions  361 (1)
  Inserting Interrupts  362 (1)
  Debugger Vulnerabilities  363 (2)
  PE Header Vulnerabilities  363 (2)
  The OutputDebugString Vulnerability  365 (1)
  Conclusion  365 (2)
  Labs  367 (2)
17 Anti-Virtual Machine Techniques  369 (14)
  VMware Artifacts  370 (3)
  Bypassing VMware Artifact Searching  372 (1)
  Checking for Memory Artifacts  373 (1)
  Vulnerable Instructions  373 (6)
  Using the Red Pill Anti-VM Technique  374 (1)
  Using the No Pill Technique  375 (1)
  Querying the I/O Communication Port  375 (2)
  Using the str Instruction  377 (1)
  Anti-VM x86 Instructions  377 (1)
  Highlighting Anti-VM in IDA Pro  377 (2)
  Using ScoopyNG  379 (1)
  Tweaking Settings  379 (1)
  Escaping the Virtual Machine  380 (1)
  Conclusion  380 (1)
  Labs  381 (2)
18 Packers and Unpacking  383 (24)
  Packer Anatomy  384 (3)
  The Unpacking Stub  384 (1)
  Loading the Executable  384 (1)
  Resolving Imports  385 (1)
  The Tail Jump  386 (1)
  Unpacking Illustrated  386 (1)
  Identifying Packed Programs  387 (1)
  Indicators of a Packed Program  387 (1)
  Entropy Calculation  387 (1)
  Unpacking Options  388 (1)
  Automated Unpacking  388 (1)
  Manual Unpacking  389 (8)
  Rebuilding the Import Table with Import Reconstructor  390 (1)
  Finding the OEP  391 (4)
  Repairing the Import Table Manually  395 (2)
  Tips and Tricks for Common Packers  397 (3)
  UPX  397 (1)
  PECompact  397 (1)
  ASPack  398 (1)
  Petite  398 (1)
  WinUpack  398 (2)
  Themida  400 (1)
  Analyzing Without Fully Unpacking  400 (1)
  Packed DLLs  401 (1)
  Conclusion  402 (1)
  Labs  403 (4)
PART 6 SPECIAL TOPICS
19 Shellcode Analysis  407 (20)
  Loading Shellcode for Analysis  408 (1)
  Position-Independent Code  408 (1)
  Identifying Execution Location  409 (4)
  Using call/pop  409 (2)
  Using fnstenv  411 (2)
  Manual Symbol Resolution  413 (5)
  Finding kernel32.dll in Memory  413 (2)
  Parsing PE Export Data  415 (2)
  Using Hashed Exported Names  417 (1)
  A Full Hello World Example  418 (3)
  Shellcode Encodings  421 (1)
  NOP Sleds  422 (1)
  Finding Shellcode  423 (1)
  Conclusion  424 (1)
  Labs  425 (2)
20 C++ Analysis  427 (14)
  Object-Oriented Programming  427 (5)
  The this Pointer  428 (2)
  Overloading and Mangling  430 (2)
  Inheritance and Function Overriding  432 (1)
  Virtual vs. Nonvirtual Functions  432 (5)
  Use of Vtables  434 (1)
  Recognizing a Vtable  435 (2)
  Creating and Destroying Objects  437 (1)
  Conclusion  438 (1)
  Labs  439 (2)
21 64-Bit Malware  441 (12)
  Why 64-Bit Malware?  442 (1)
  Differences in x64 Architecture  443 (4)
  Differences in the x64 Calling Convention and Stack Usage  444 (3)
  64-Bit Exception Handling  447 (1)
  Windows 32-Bit on Windows 64-Bit  447 (1)
  64-Bit Hints at Malware Functionality  448 (1)
  Conclusion  449 (1)
  Labs  450 (3)
A Important Windows Functions  453 (12)
B Tools for Malware Analysis  465 (12)
C Solutions to Labs  477 (256)
  Lab 1-1  477 (2)
  Lab 1-2  479 (1)
  Lab 1-3  480 (1)
  Lab 1-4  481 (1)
  Lab 3-1  482 (3)
  Lab 3-2  485 (5)
  Lab 3-3  490 (2)
  Lab 3-4  492 (2)
  Lab 5-1  494 (7)
  Lab 6-1  501 (2)
  Lab 6-2  503 (4)
  Lab 6-3  507 (4)
  Lab 6-4  511 (2)
  Lab 7-1  513 (4)
  Lab 7-2  517 (2)
  Lab 7-3  519 (11)
  Lab 9-1  530 (9)
  Lab 9-2  539 (6)
  Lab 9-3  545 (3)
  Lab 10-1  548 (6)
  Lab 10-2  554 (6)
  Lab 10-3  560 (6)
  Lab 11-1  566 (5)
  Lab 11-2  571 (10)
  Lab 11-3  581 (5)
  Lab 12-1  586 (4)
  Lab 12-2  590 (7)
  Lab 12-3  597 (2)
  Lab 12-4  599 (8)
  Lab 13-1  607 (5)
  Lab 13-2  612 (5)
  Lab 13-3  617 (9)
  Lab 14-1  626 (6)
  Lab 14-2  632 (5)
  Lab 14-3  637 (8)
  Lab 15-1  645 (1)
  Lab 15-2  646 (6)
  Lab 15-3  652 (3)
  Lab 16-1  655 (5)
  Lab 16-2  660 (5)
  Lab 16-3  665 (5)
  Lab 17-1  670 (3)
  Lab 17-2  673 (5)
  Lab 17-3  678 (6)
  Lab 18-1  684 (1)
  Lab 18-2  685 (1)
  Lab 18-3  686 (3)
  Lab 18-4  689 (2)
  Lab 18-5  691 (5)
  Lab 19-1  696 (3)
  Lab 19-2  699 (4)
  Lab 19-3  703 (9)
  Lab 20-1  712 (1)
  Lab 20-2  713 (4)
  Lab 20-3  717 (6)
  Lab 21-1  723 (5)
  Lab 21-2  728 (5)
Index  733
About the authors

Michael Sikorski is a malware analyst, researcher, and security consultant at Mandiant. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Mike frequently teaches malware analysis to a variety of audiences, including the FBI and Black Hat.

Andrew Honig is an Information Assurance Expert for the Department of Defense. He teaches courses on software analysis, reverse engineering, and Windows system programming. Andy is publicly credited with several zero-day exploits in VMware's virtualization products.