Overview
We’re all aware of Stuxnet, ShadowHammer, Sunburst, and similar attacks that use evasion to remain hidden while defending themselves from detection and analysis. Because advanced threats like these can adapt and, in some cases, self-destruct to evade detection, even the most seasoned investigators can use a little help with analysis now and then. Evasive Malware will introduce you to the evasion techniques used by today’s malicious software and show you how to defeat them.
Following a crash course on using static and dynamic code analysis to uncover malware’s true intentions, you’ll learn how malware weaponizes context awareness to detect and skirt virtual machines and sandboxes, plus the various tricks it uses to thwart analysis tools. You’ll explore the world of anti-reversing, from anti-disassembly methods and debugging interference to covert code execution and misdirection tactics. You’ll also delve into defense evasion, from process injection and rootkits to fileless malware. Finally, you’ll dissect encoding, encryption, and the complexities of malware obfuscators and packers to uncover the evil within.
You’ll learn how malware:
- Abuses legitimate components of Windows, like the Windows API and LOLBins, to run undetected
- Uses environmental quirks and context awareness, like CPU timing and hypervisor enumeration, to detect attempts at analysis
- Bypasses network and endpoint defenses using passive circumvention techniques, like obfuscation and mutation, and active techniques, like unhooking and tampering
- Detects debuggers and circumvents dynamic and static code analysis
You’ll also find tips for building a malware analysis lab and tuning it to better counter anti-analysis techniques in malware. Whether you’re a frontline defender, a forensic analyst, a detection engineer, or a researcher, Evasive Malware will arm you with the knowledge and skills you need to outmaneuver the stealthiest of today’s cyber adversaries.
This book title, Evasive Malware (A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats), ISBN: 9781718503267, by Kyle Cucci, published by No Starch Press (September 10, 2024) is available in paperback. Our minimum order quantity is 25 copies. All standard bulk book orders ship FREE in the continental USA and delivered in 4-10 business days.
Unlike Amazon and other retailers who may also offer Evasive Malware (A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats) books on their website, we specialize in large quantities and provide personal service, from trusted, experienced, friendly people in Portland, Oregon. We offer a Price Match Guarantee, and QuickQuote form, to make purchasing quick and easy.
Prefer to work with a human being when you order Evasive Malware (A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats) books in bulk? Our Book Specialists are standing by Monday-Friday 8-5 PST, ready to help!