Welcome to Ask A Pentester, where you can get your security questions answered by members of the IT Security community!

What is the best book for learning Malware RE?

+1 vote
I mean, is there something like "The Shellcoder's Handbook", that is, a bible of...?
asked 1 year ago in Reverse Eng. by TheMaskedNerdo amateur (340 points)
edited 1 year ago by carlos

5 Answers

+2 votes
 
Best answer
There is actually one "kind of" Malware RE bible. I haven't checked it out but it's already ordered! ;)

http://amzn.to/9VjjNs

Hope this helps!
answered 1 year ago by Chaly Drain Bamaged enthusiast (420 points)
I agree, the book rocks!
I can also recommend this book very much despite the fact that reversing malware plays a small role there.......
I also ordered it and heard KMDave did also.

It's really well written. But what to expect from a book that is liked by Lenny Zeltser? ^^
+1 vote
I started with "Gray Hat Hacking"! Easy to read and good topics. Also have the cookbook but didn't have time to read.
answered 1 year ago by MacH (70 points)
There is a really good section on identifying PDF malware in the Third Edition of this title. Great recommendation!
0 votes

The Malware Analyst's Cookbook is unique in that it discusses (and includes on the DVD) several customized tools based on http://yara-project.googlecode.com

One of them is simply a packer ID file for yara.

Another great tool is called pescanner.py.

Both of these tools are discussed here -- http://www.zonbi.org/archives/495 -- and I found another cool blog that's totally unrelated here -- http://lvdeijk.wordpress.com/2011/02/21/closing-the-loop/ -- that I'm including for fun.

I am also a fan of the MANDIANT Red Curtain tool for analyzing potential malware.

answered 1 year ago by atdre pro pentester (1,080 points)
0 votes
I think Malware Analyst's Cookbook must be one of the best books for what you are looking for.

But if you want many more sources to learn malware RE, you should seek information about Windows debugging, Windows internals, or subjects like cracking software. All these domains will bring you knowledge which is very useful for malware RE.
answered 1 year ago by Elboras (90 points)
0 votes
Best book for Malware RE should be "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software"

More info: http://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

Best Regards,

VietWOW
answered 2 months ago by vietwow (50 points)
