gigiRoman

The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory, by Michael Hale Ligh, Andrew Case, Jamie Levy, and AAron Walters


Source: https://www.google.ro/url?sa=t&source=web&rct=j&url=https://news.asis.io/sites/default/files/The%20Art%20of%20Memory%20Forensics.pdf&ved=2ahUKEwj78Oj5gdzcAhUMC-wKHd2-CVgQFjAAegQIABAB&usg=AOvVaw3-t7BtWw48oPsjZLR18go2

PS: I got a better grasp of lists (plus other data structures), asm, the Windows API, hooks, threads, processes, the kernel, services, pools, logs, the registry, networking (the TCP/IP stack), reading memory, Windows objects, and much more.

It's about how you can become a better version of yourself.

It makes you a better programmer; I realized I'm still way down at the bottom.

Read it with your feet in cold water.

Good luck dissecting it.


Description

Product description

Memory forensics provides cutting edge technology to help investigate digital attacks

Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst's Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics—now the most sought after skill in the digital forensics and incident response fields.

Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques:

How volatile memory analysis improves digital investigations

Proper investigative steps for detecting stealth malware and advanced threats

How to use free, open source tools for conducting thorough memory forensics

Ways to acquire memory from suspect systems in a forensically sound manner

The next era of malware and security breaches is more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32 and 64-bit editions.

From the Back Cover

SOPHISTICATED DISCOVERY AND ANALYSIS FOR THE NEXT WAVE OF DIGITAL ATTACKS

The Art of Memory Forensics, a follow-up to the bestselling Malware Analyst's Cookbook, is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors' popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software.

Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove the system's involvement in a crime, and conventional response steps can even destroy it completely. By implementing memory forensics techniques, analysts are able to preserve memory resident artifacts, which often provides a more efficient strategy for investigating modern threats.

In The Art of Memory Forensics, the Volatility Project's team of experts provides functional guidance and practical advice that helps readers to:

Acquire memory from suspect systems in a forensically sound manner

Learn best practices for Windows, Linux, and Mac memory forensics

Discover how volatile memory analysis improves digital investigations

Delineate the proper investigative steps for detecting stealth malware and advanced threats

Use free, open source tools to conduct thorough memory forensics investigations

Generate timelines, track user activity, find hidden artifacts, and more

The companion website provides exercises for each chapter, plus data that can be used to test the various memory analysis techniques in the book. Visit our website at www.wiley.com/go/memoryforensics.

About the Author

Michael Hale-Ligh is author of Malware Analyst's Cookbook, Secretary/Treasurer of Volatility Foundation, and a world-class reverse engineer.

Andrew Case is a Digital Forensics Researcher specializing in memory, disk, and network forensics.

Jamie Levy is a Senior Researcher and Developer, targeting memory, network, and malware forensics analysis.

AAron Walters is founder and lead developer of the Volatility Project, President of the Volatility Foundation, and Chair of Open Memory Forensics Workshop.
