
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory (English) Paperback – 3 October 2014

1.0 out of 5 stars, 1 customer review

The Art of Memory Forensics, a follow-up to the bestselling Malware Analyst's Cookbook, is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors' popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software.
Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove a system's involvement in a crime, and a careless response can even destroy that evidence completely. By applying memory forensics techniques, analysts are able to preserve memory-resident artifacts, which often provides a more efficient strategy for investigating modern threats.
In The Art of Memory Forensics, the Volatility Project's team of experts provides functional guidance and practical advice that helps readers to:
* Acquire memory from suspect systems in a forensically sound manner
* Learn best practices for Windows, Linux, and Mac memory forensics
* Discover how volatile memory analysis improves digital investigations
* Delineate the proper investigative steps for detecting stealth malware and advanced threats
* Use free, open source tools to conduct thorough memory forensics investigations
* Generate timelines, track user activity, find hidden artifacts, and more
The companion website provides exercises for each chapter, plus data that can be used to test the various memory analysis techniques in the book. Visit our website at www.wiley.com/go/memoryforensics.

About the Author and Other Contributors

Michael Hale-Ligh is author of Malware Analyst's Cookbook, Secretary/Treasurer of Volatility Foundation, and a world-class reverse engineer.
Andrew Case is a Digital Forensics Researcher specializing in memory, disk, and network forensics.
Jamie Levy is a Senior Researcher and Developer, targeting memory, network, and malware forensics analysis.
AAron Walters is founder and lead developer of the Volatility Project, President of the Volatility Foundation, and Chair of Open Memory Forensics Workshop.




Format: Kindle Edition
This book is so full of essential errors that it is just painful to read and take seriously.
Have a look at the errata; it only contains a fragment of the errors reported more than a year ago.

There are also a lot of references missing to original material, where errors in the original material are assumed to be correct and not addressed as such.

The title is misleading in that it does little to discuss the forensic aspect of memory analysis. A more suitable title is "Volatility: The Lost Manual".
4 people found this review helpful.

The most helpful customer reviews on Amazon.com (beta)

Amazon.com: 31 reviews
11 of 11 customers found the following review helpful
Invaluable (23 February 2015)
By David C. Malone - Published on Amazon.com
Format: Paperback, Verified Purchase
I have worked in I.T. for 15 years - in Windows system administration, database administration, and utility software development. About one month ago I started reading heavily on security, and planned for 2015 a shift in career focus to that discipline. So I bought this book and began to read. This had immediate payoff just 2 days ago when I noticed an email from our security team that an IDS had detected a possible Trojan signature on one of our servers. Another analyst ran a full AV scan, and when she found nothing, the email thread dried up. Not so convinced (I had just read the fact on Mandiant's website that "100% of victims had up-to-date AV software"), I triggered a complete memory dump on the server using LiveKD and began working on it with WinDbg commands and Volatility Framework. Within the first few hours, it appeared that there certainly looked to be a rootkit-like presence, but with my limited security knowledge and, even though I debug a kernel dump every now and then, I don't usually look at things like the IDT 2e entry, etc. However, 15 hours into researching my first real-life production issue, I completely narrowed down the source and contacted the security team and account management. This server would have continued to operate under the radar with the standard tools continually missing the malware's presence and caused who knows what problems. Thanks to one of the most well-organized, well-written, and informative I.T. books I have ever read, I was able to effectively isolate this piece of malware. This book is an absolute must for anyone even employed in I.T. with responsibilities over safeguarding company networks and infrastructure, and (unfortunately) these days, should probably be employed by anyone at all that plugs in an Ethernet cable or attaches to Wi-Fi! Outstanding material - thanks very much.
10 of 10 customers found the following review helpful
Outstanding Text Needs Additional Web Resources (18 September 2014)
By Let's Compare Options Preptorial - Published on Amazon.com
Format: Paperback, Verified Purchase
At this writing (Fall 2014) the Wiley instructor companion website is not up to Wiley standards (yet). I wanted to test the code for this review, but the code section on the site only defaults to the Creative Commons license (both the code and license links). Same with all the chapters, they only display Commons, a strawman syllabus and an intro letter. The only resource that is already up is the PowerPoint presentation, and at over 100 pages it is simply OUTSTANDING, which whets the appetite even more for the rest of the outlines, solutions, code, and much more.

So, Wiley, get with it! If you are considering buying this, add your vote in comments and Wiley might listen. I'll update this once we get the code, both with quality of the code and where it can be used. Going over the license so far, it is quite generous, much like GNU with an attribution link, although of course more robust beyond teaching (e.g. commercial) if you do get permission. The text itself has wonderful, up-to-date sploit and software info, patches, etc., but the site, for a book this costly, needs to be completed. I'm not recommending you pass on this because of it, but we won't be getting the full value for our purchase, nor will our students, until the site is completed.

REVIEW UPDATE: SEE MICHAEL'S COMMENT ATTACHED TO THIS REVIEW. Although Amazon's automated system generally removes links, the comment gives complete and up-to-date online resources for this book, as the publisher's link is incomplete, and will not be updated. The publisher promotion of online evidence samples, code, etc. is not wrong or deceptive; it is just on GitHub rather than the publisher's site as indicated. PLEASE VIEW THE COMMENT AND VISIT THE SITES INDICATED IN THE COMMENT BEFORE LEAVING A NEGATIVE REVIEW: the resources ARE there, just not where advertised. Also, see Michael's other best seller at: Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code.

If you are price conscious, notice that in addition to the generous web resources in the comment (including open source/freeware), the book is over 900 pages long, and PACKED with practical, use-it-now reference and learning tools. I've already visited the samples, and they are awesome, especially given that they cover the most frequent o/s permutations. Both Windows and Linux give the exact traces indicated; these authors are the real thing.
10 of 11 customers found the following review helpful
A great book. (5 August 2014)
By Borja Merino - Published on Amazon.com
Format: Paperback
I recommend this book without a doubt to all those engaged in malware analysis and forensics. Very well organized. In my case, it has been really useful to know different alternatives to detect and understand advanced malware in kernel space (rootkits) from a memory dump. The book uses practical examples of current malware to teach you how to use Volatility for its detection and analysis. It explains very well the inner workings of the memory manager and the structures used by the operating system to manage processes, connections, etc. These concepts are fundamental to understanding the logic and techniques implemented by the Volatility plugins. It also uses multiple references to external sources to further enrich the content of the book. In short, a great book.
5 of 5 customers found the following review helpful
Easily book of the year for DFIR!!! (and likely years to come) (29 September 2014)
By Wyatt Roersma - Published on Amazon.com
Format: Paperback
This is a must read for anyone in incident response, digital forensics, reverse engineering malware, security, and anyone else looking to learn deep operating system internal knowledge and how it works with memory.
This is written by the people that have been pioneering research in memory forensics for years and writing the best open source tools to handle any investigation. It dives into the pros and cons for everything ranging from acquisition methods to advanced analysis techniques on Windows, Linux and Mac systems.
As many have stated in other reviews, this book will be open on your desk constantly as a reference for investigations. It even gives the reader a deep insight into the internals of Volatility, which will help anyone looking to develop more plugins for the most popular memory forensics tool available. Not only is it almost 900 pages, but it has 3x more in referenced material online that they just couldn't fit into the book, giving it the best value possible.
After reading this book the only way you could learn any more about memory forensics would be to take their class and get challenged on the concepts presented throughout the book. This is absolutely a MUST HAVE RESOURCE!!! I'll be writing a full book review on my website, which you can find at www.wyattroersma.com
What are you waiting for? Buy it now and you will not be disappointed!
7 of 9 customers found the following review helpful
Most complete book written by the top minds in memory forensics! (9 August 2014)
By jcrook - Published on Amazon.com
Format: Paperback
The Art of Memory Forensics is a must-have book if you do any type of work with incident response, malware analysis or other types of forensic investigations. I have talked to people that have not yet incorporated memory forensics into their processes, and this book truly shows the value one can gain in doing so.

I was lucky enough to get an advance copy to review and was amazed at the amount of content that is packed into this book. You go from acquisition tools and techniques to full investigations along with everything in between in 800+ pages. The authors were able to take their real world experiences along with their wealth of knowledge and explain some very complex topics in a way that most people can easily understand. They also walk through the topics covered in the book with practical examples, as well as including memory images that you can follow along with.

Regardless of your current experience in memory forensics, after reading this book you will have gained a wealth of new knowledge that you can immediately apply to your current investigations.