Create README.md

sudosev committed Jun 14, 2017
1 parent f7b350b commit 9ac266e565aa01ba82bb0c38f569d2804f1c08a3
Showing with 4 additions and 0 deletions.
  1. +4 −0 books/README.md
@@ -13,13 +13,17 @@ A short collection of books that may be of interest.

## Reverse Engineering / Malware Analysis
* [Practical Malware Analysis](https://www.amazon.co.uk/d/Books/Practical-Malware-Analysis-Hands-Dissecting-Malicious-Software/1593272901/ref=sr_1_1?ie=UTF8&qid=1497404417&sr=8-1&keywords=practical+malware+analysis)

Considered to be the bible of malware analysis. This book teaches from the ground up, beginning with static analysis of a file, all the way through to complete disassembly of a file. Lab exercises of increasing difficulty are also included and are well worth the time if you are looking to move into malware analysis.

* [Malware Analyst's Cookbook](https://www.amazon.co.uk/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=sr_1_1?ie=UTF8&qid=1497404536&sr=8-1&keywords=malware+analysts+cookbook)

Once you've picked up some basic malware analysis techniques from PMA, this book will help you with a lot of the threat hunting and automation side of malware analysis, focusing on honeypots and scripts for various tasks. For example - how to identify a potential domain generation algorithm within a binary and then how to write a Python script that will loop through the DGA function and pull out all generated domains.

* [Windows Internals Part 1, 6th Edition](https://www.amazon.co.uk/Windows-Internals-Part-Developer-Reference/dp/0735648735/ref=sr_1_1?ie=UTF8&qid=1497405096&sr=8-1&keywords=windows+internals+part+1)

A deep dive into how Windows 7 and Windows Server 2008 R2 functions at the lowest level. Understanding the operating system which a piece of malware is targeting is crucial in a lot of cases. Not only will it help you understand what a piece of malware may be trying to do, it will also highlight additional methods of troubleshooting and debugging Windows systems, providing a better base of knowledge for your malware analysis skills. Part 1 covers - Concepts and Tools, System Architecture, System Mechanisms, Management Mechanisms, Processes - Threads - Jobs, Security, and Networking.

* [Windows Internals Part 2, 6th Edition](https://www.amazon.co.uk/Windows-Internals-Part-Covering-Server/dp/0735665877/ref=sr_1_1?ie=UTF8&qid=1497405318&sr=8-1&keywords=windows+internals+part+2)

Part 2 covers - I/O System, Storage Management, Memeory Management, Cache Manager, File Systems, Startup and Shutdown, Crash Dump Analysis.
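Review bot: the new Part 2 entry has a typo in its chapter list: "Memeory Management" should read "Memory Management". While touching this section, the Amazon links carry search-session query strings (`ref=sr_1_1?ie=UTF8&qid=...&keywords=...`) that are not needed to resolve the book; trimming each to the canonical `/dp/<ISBN>` form (for this entry, `https://www.amazon.co.uk/dp/0735665877`) keeps the links stable and drops the tracking parameters. The Part 2 description also gives only chapter titles, whereas the Part 1 entry explains why the material matters for malware analysis; one sentence to that effect would keep the two entries consistent.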
