Act like this is a shocker. But every time I wanted to check something regarding the foundations of malware analysis, there was this book. I honestly believe that anyone who wants to start playing with malware analysis should absolutely start with this book.

In addition, the practice sessions that come with this book are also very helpful. I read this book after a while of performing analysis on several malware samples, and it still added value to the way I perform analysis and the way I approach new research. I honestly think that this book should be in anyone’s cyber security library.

The book covers anything a new member of the forces of good or evil should know as he/she takes their first steps in the cyber security world.

It starts with some basic knowledge that should be explained, such as what malware is, what types of malware there are, what makes each one unique, what static and dynamic analysis are, and much more.

Then we have, as the name suggests, the “practical” aspect of these topics, which basically guides us through how to approach a new malware sample we encounter. Although the book was written a long time ago, and some techniques it describes as features of “the ultimate threat groups” are today considered common practice, it is still very valuable.

As the book progresses we get into the more “fun” part of malware analysis, as we learn about packing, fingerprinting, dynamic loading and other really interesting techniques that almost any malware uses these days, so it is really important to have a good source of information on these topics, which the book provides very well.

There is a section on Assembly language, which is crucial for most cyber security researchers, especially those looking to become reverse engineers, exploit developers or vulnerability researchers; although I did not go through this section, as I already knew assembly pretty well, so it is hard for me to say how good it really is, given that Assembly might be very alarming at first sight.

Overall, I would more than recommend this book, written by Michael Sikorski and Andrew Honig. I think it could and should be a great starting point for new researchers and analysts who want to “get their hands dirty” but feel overwhelmed by all the possibilities out there.


Have fun and good luck!
