Rootkits and Bootkits delivers a master class in malware evolution that will give you the techniques and tools necessary
Language: English. Pages: xxxiii, 407 pages; 24 cm. Year: 2019.
Table of contents:
What's in a rootkit: the TDL3 case study --
Festi rootkit: the most advanced spam and DDoS bot --
Observing rootkit infections --
Evolution of the bootkit --
Operating system boot process essentials --
Boot process security --
Bootkit infection techniques --
Static analysis of a bootkit using IDA Pro --
Bootkit dynamic analysis: emulation and virtualization --
An evolution of MBR and VBR infection techniques: Olmasco --
IPL bootkits: Rovnix and Carberp --
Gapz: advanced VBR infection --
The rise of MBR ransomware --
UEFI boot vs the MBR/VBR boot process --
Contemporary UEFI bootkits --
UEFI firmware vulnerabilities --
How UEFI secure boot works --
Approaches to analyzing hidden filesystems --
BIOS/UEFI forensics: acquisition and analysis approaches.