Written by forensic experts from the field, this book is the finest of all in exploring the art of malware investigation in a clear and concise manner. It offers in-depth coverage of the tools and techniques used in live as well as static malware analysis.
Here is the table of contents of this book:
- Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System
- Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System
- Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts
- Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems
- Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems
- File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System
- File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System
- Analysis of a Suspect Program: Windows
- Analysis of a Suspect Program: Linux
This book provides extensive and accurate technical coverage of malware investigation on both the Windows and Linux platforms. It starts with the investigation of a malware-infected system to gather all the evidence and then explains how to analyze that evidence in detail to get to the root of the malware. It also sheds light on discovering malware traces through live process memory and physical file analysis to gather all possible information about the malware's actions.
The book's companion website, www.malwareforensics.com, is a great resource, as it offers the latest news from the malware forensics field, including updates about new Windows/Linux tools related to malware investigation. You can download the sample chapter here. This link also contains the promotional code, which will get you a 20% discount on the purchase of this book.
Though the book is overpriced, it is well worth the money for those who are serious about taking their career to the top of malware investigation.