Book of the Month – Malware Analyst’s Cookbook

“Malware Analyst’s Cookbook” is the latest master piece in the Malware Analysis field which covers almost all facets of the subject from all possible angles. I haven’t seen any book like this which covers everything that Malware Analyist will ever need starting from basics to advanced analysis.



Here is the core information about the book,

Title: Malware Analyst’s Cookbook and DVD
Author: Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard
Publisher: Wiley
Hardcover: 744 pages
Release Date: November 2, 2010


Here is the ‘Table of Contents’

  • Chapter 1 – Anonymizing Your Activities.
  • Chapter 2 – Honeypots.
  • Chapter 3 – Malware Classification.
  • Chapter 4 – Sandboxes and Multi-AV Scanners.
  • Chapter 5 – Researching Domains and IP Addresses.
  • Chapter 6 – Documents, Shellcode, and URLs.
  • Chapter 7 – Malware Labs.
  • Chapter 8 – Automation.
  • Chapter 9 – Dynamic Analysis.
  • Chapter 10 – Malware Forensics.
  • Chapter 11 – Debugging Malware.
  • Chapter 12 – De-Obfuscation.
  • Chapter 13 – Working with DLLs.
  • Chapter 14 – Kernel Debugging.
  • Chapter 15 – Memory Forensics with Volatility.
  • Chapter 16 – Memory Forensics: Code Injection and Extraction.
  • Chapter 17 – Memory Forensics: Rootkits.
  • Chapter 18 – Memory Forensics: Network and Registry.


Highlights of this book

  • Enormous compilation on Malware Analysis to date in 700+ pages spread over 18 chapters
  • Latest information – tools, trends & techniques
  • Practical – real code examples, scenarios & case studies from the field
  • Fresh material  – Analysis of PDF, MS Office documents, Unpacking Javascript etc
  • Advanced topics such as Malware Debugging, Dynamic Analysis, Memory Forensics, Rootkit Analysis etc
  • Points to right tools and shows how to use them in a smart way for better results.
  • Learn how to create your own quick scripts for automation
  • Wide Platform coverage -Windows, Linux & Mac (Though more of Windows, of course 😉 )
  • Includes DVD – Tools and Examples organized as per chapter.


If you are looking for mastering some of the advanced topics such as Memory Forensics, Rootkit Analysis etc then you need to look for other dedicated titles. But this book does true and complete justice to all topics from the Malware Analyst’s point. What separates this book from other similar books is its huge compilation over different Malware topics and the latest information on the Malware Anlysis.


To summarize all this in one line, this is highly recommended book for ‘Malware Analysis’ for anyone either beginner or expert !

For other reviews on top security books move on to our ‘Book of the Month’ list.

Sample Chapter: Anonymizing Your Activities


eBook :


Similar posts
  • Computer Security Tips: Stay Safe Onl... In recent times cyber security has raised the level of awareness and public consciousness as never before. Both large corporations and big organizations try to take care of online security as much as they can. That’s why cyber criminals and hackers have focused more on smaller companies and single entrepreneurs. This awful tendency leads to [...]
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]

Leave a Reply

Our Company

Follow us on Facebook

Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list