Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Mastering Malware Analysis

You're reading from   Mastering Malware Analysis The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks

Arrow left icon
Product type Paperback
Published in Jun 2019
Publisher Packt
ISBN-13 9781789610789
Length 562 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Alexey Kleymenov Alexey Kleymenov
Author Profile Icon Alexey Kleymenov
Alexey Kleymenov
Amr Thabet Amr Thabet
Author Profile Icon Amr Thabet
Amr Thabet
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Title Page
Copyright and Credits
About Packt
Contributors Preface 1. A Crash Course in CISC/RISC and Programming Basics FREE CHAPTER 2. Basic Static and Dynamic Analysis for x86/x64 3. Unpacking, Decryption, and Deobfuscation 4. Inspecting Process Injection and API Hooking 5. Bypassing Anti-Reverse Engineering Techniques 6. Understanding Kernel-Mode Rootkits 7. Handling Exploits and Shellcode 8. Reversing Bytecode Languages: .NET, Java, and More 9. Scripts and Macros: Reversing, Deobfuscation, and Debugging 10. Dissecting Linux and IoT Malware 11. Introduction to macOS and iOS Threats 12. Analyzing Android Malware Samples 1. Other Books You May Enjoy

Summary

In this chapter, we familiarized ourselves with the Windows kernel mode, and learned how the requests are being passed from the user mode to kernel mode and back again. Then, we discussed rootkits, what parts of this process may be targeted by them, and for what reason. We also covered various techniques that are implemented in modern rootkits, including how existing security mechanisms can be bypassed by malware.

Finally, we explored the tools that are available to perform static and dynamic analysis of kernel mode threats, learned how to set up a testing environment, and summarized generic guidelines that can be followed when performing the analysis. After completing this chapter, the reader should have a strong understanding of how advanced kernel-mode threats work and how they can be analyzed using various tools and approaches.

In Chapter 7, Handling Exploits...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $15.99/month. Cancel anytime
Visually different images