[Old post]
[Recommendation] A good introductory book on malware analysis
Posted: 2012-9-6 15:20
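"Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software"
A good introduction to malware analysis. It explains how to use many tools and illustrates them with examples. At present there is only an English edition; it seems someone in China is currently translating it into Chinese. The book's full table of contents is as follows: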
Chapter 0: Malware Analysis Primer
PART 1: BASIC ANALYSIS
Chapter 1: Basic Static Techniques
Chapter 2: Malware Analysis in Virtual Machines
Chapter 3: Basic Dynamic Analysis
PART 2: ADVANCED STATIC ANALYSIS
Chapter 4: A Crash Course in x86 Disassembly
Chapter 5: IDA Pro
Chapter 6: Recognizing C Code Constructs in Assembly
Chapter 7: Analyzing Malicious Windows Programs
PART 3: ADVANCED DYNAMIC ANALYSIS
Chapter 8: Debugging
Chapter 9: OllyDbg
Chapter 10: Kernel Debugging with WinDbg
PART 4: MALWARE FUNCTIONALITY
Chapter 11: Malware Behavior
Chapter 12: Covert Malware Launching
Chapter 13: Data Encoding
Chapter 14: Malware-Focused Network Signatures
PART 5: ANTI-REVERSE-ENGINEERING
Chapter 15: Anti-Disassembly
Chapter 16: Anti-Debugging
Chapter 17: Anti-Virtual Machine Techniques
Chapter 18: Packers and Unpacking
PART 6: SPECIAL TOPICS
Chapter 19: Shellcode Analysis
Chapter 20: C++ Analysis
Chapter 21: 64-Bit Malware
Appendix A: Important Windows Functions
Appendix B: Tools for Malware Analysis
Appendix C: Solutions to Labs
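I am also including two books on IDA Pro (for anyone who needs to download them):
《IDA Pro权威指南》 (The Authoritative Guide to IDA Pro)
《用 C/C++编写 IDA 插件》 (Writing IDA Plugins in C/C++)
Download link: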
http://pan.baidu.com/share/link?shareid=22813&uk=2098933