
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory [Kindle Edition]

Michael Hale Ligh

Kindle price: EUR 36,30, incl. VAT and free wireless delivery via Amazon Whispernet

  • Length: 912 pages
  • Language: English
  • Due to the file size, downloading this book may take longer.

Other editions

Amazon price / New from / Used from
Kindle Edition EUR 36,30
Paperback EUR 48,40



Memory forensics provides cutting-edge technology to help investigate digital attacks

Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst's Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics, now the most sought-after skill in the digital forensics and incident response fields.

Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five-day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques:

  • How volatile memory analysis improves digital investigations
  • Proper investigative steps for detecting stealth malware and advanced threats
  • How to use free, open source tools for conducting thorough memory forensics
  • Ways to acquire memory from suspect systems in a forensically sound manner

The next era of malware and security breaches is more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32- and 64-bit editions.



The Art of Memory Forensics, a follow-up to the bestselling Malware Analyst’s Cookbook, is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors’ popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software.

Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, and can even destroy it completely, although it contains crucial information that can prove or disprove the system’s involvement in a crime. By implementing memory forensics techniques, analysts are able to preserve memory-resident artifacts, which often provides a more efficient strategy for investigating modern threats.

In The Art of Memory Forensics, the Volatility Project’s team of experts provides functional guidance and practical advice that helps readers to:

  • Acquire memory from suspect systems in a forensically sound manner
  • Learn best practices for Windows, Linux, and Mac memory forensics
  • Discover how volatile memory analysis improves digital investigations
  • Delineate the proper investigative steps for detecting stealth malware and advanced threats
  • Use free, open source tools to conduct thorough memory forensics investigations
  • Generate timelines, track user activity, find hidden artifacts, and more

The companion website provides exercises for each chapter, plus data that can be used to test the various memory analysis techniques in the book. Visit our website at


Most helpful customer reviews on (beta): 5.0 out of 5 stars, 9 reviews
5 of 5 customers found the following review helpful
5.0 out of 5 stars A great book. 5 August 2014
By Borja Merino - Published on
I recommend this book without a doubt to all those engaged in malware analysis and forensics. Very well organized. In my case, it has been really useful to know different alternatives to detect and understand advanced malware in kernel space (rootkits) from a memory dump. The book uses practical examples of current malware to teach you how to use Volatility for its detection and analysis. It explains very well the inner-working of the memory manager and the structures used by the operating system to manage processes, connections, etc. These concepts are fundamental to understanding the logic and techniques implemented by the Volatility plugins. It also uses multiple references to external sources to further enrich the content of the book. In short, a great book.
4 of 4 customers found the following review helpful
5.0 out of 5 stars Most complete book written by the top minds in memory forensics! 9 August 2014
By jcrook - Published on
The Art of Memory Forensics is a must have book if you do any type of work with incident response, malware analysis or other types of forensic investigations. I have talked to people that have not yet incorporated memory forensics into their processes and this book truly shows the value one can gain in doing so.

I was lucky enough to get an advanced copy to review and was amazed at the amount of content that is packed into this book. You go from acquisition tools and techniques to full investigations along with everything in between in 800+ pages. The authors were able to take their real world experiences along with their wealth of knowledge and explain some very complex topics in a way that most people can easily understand. They also walk through the topics covered in the book with practical examples as well as including memory images that you can follow along with.

Regardless of your current experience in memory forensics, after reading this book you will have gained a wealth of new knowledge that you can immediately apply to your current investigations.
1 of 1 customers found the following review helpful
5.0 out of 5 stars THE Book on Memory Forensics 6 September 2014
By Tyler Halfpop - Published on
I highly recommend this book. If you could only get one book on memory forensics then this is it. This book is written by the creators of Volatility, which is the leading open source memory forensics tool out there. It covers the essentials of operating system internals to get you up and running quickly then it progresses to covering Windows, Linux, and Mac systems with real world examples using Volatility. It is a great chance to peek over the shoulders of these leading experts as they walk you through doing memory forensics on REAL pieces of malware. You can freely download Volatility and some of the forensic challenges they reference online and follow right along with them as they turn 1s and 0s into some unbelievable information. The book also covers a lot of details about Volatility itself and its inner workings. It is a great reference to have and deserves a spot on your bookshelf within reach if you have any interest in forensics or incident response. Attackers are getting smarter and The Art of Memory Forensics gives you the tools to help handle advanced threats. You will not be disappointed.
5.0 out of 5 stars Outstanding Text Needs Additional Web Resources 18 September 2014
By Let's Compare Options Preptorial - Published on
Format: Paperback | Verified purchase
At this writing (Fall 2014) the Wiley instructor companion website is not up to Wiley standards (yet). I wanted to test the code for this review, but the code section on the site only defaults to the creative commons license (both the code and license links). Same with all the chapters, they only display commons, a strawman syllabus and an intro letter. The only resource that is already up is the Powerpoint presentation, and at over 100 pages it is simply OUTSTANDING, which whets the appetite even more for the rest of the outlines, solutions, code, and much more.

So, Wiley, get with it! If you are considering buying this, add your vote in comments and Wiley might listen. I'll update this once we get the code, both with quality of the code and where it can be used. Going over the license so far, it is quite generous, much like GNU with an attribution link, although of course more robust beyond teaching (eg commercial) if you do get permission. The text itself has wonderful, up to date sploit and software info, patches, etc. but the site, for a book this costly, needs to be completed. I'm not recommending you pass on this because of it, but we won't be getting the full value for our purchase, nor will our students, until the site is completed.

REVIEW UPDATE: SEE MICHAEL'S COMMENT ATTACHED TO THIS REVIEW. Although Amazon's automated system generally removes links, the comment gives complete and up to date online resources for this book, as the publisher's link is incomplete, and will not be updated. The publisher promotion of online evidence samples, code, etc. is not wrong or deceptive, it is just on github rather than the publisher's site as indicated. PLEASE VIEW THE COMMENT AND VISIT THE SITES INDICATED IN THE COMMENT BEFORE LEAVING A NEGATIVE REVIEW-- the resources ARE there, just not where advertised. Also, see Michael's other best seller at: Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code.

If you are price conscious, notice that in addition to the generous web resources in the comment (including open source/ freeware), the book is over 900 pages long, and PACKED with practical, use-it-now reference and learning tools. I've already visited the samples, and they are awesome, especially given that they cover the most frequent o/s permutations. Both Windows and Linux give the exact traces indicated, these authors are the real thing.
12 of 18 customers found the following review helpful
5.0 out of 5 stars Do NOT keep this book on a shelf! 30 July 2014
By Harlan Carvey - Published on
If you do any investigative work involving computer systems...DFIR, malware RE, etc..this is THE MUST-HAVE resource, and it should not rest on a shelf. Within a matter of days, this book should be marked up and well-worn! If not, you've wasted your money, and you're not doing your clients the service that you could be. I've already written notes in the margins from my case notes, and highlighted a number of items discussed in the book that I plan to incorporate into future exams!

For a more detailed review: