Learn Windows system design from the PE binary structure to modern and
practical attack techniques used by red teams to implement advanced
prevention
Purchase of the print or Kindle book includes a free PDF eBook
Key Features:
-
Understand how malware evades modern security products
-
Learn to reverse engineer standard PE format program files
-
Become familiar with modern attack techniques used by multiple red
teams
Book Description:
An Advanced Persistent Threat (APT) is a severe form of cyberattack that
lies low in the system for a prolonged time and locates and then
exploits sensitive information. Preventing APTs requires a strong
foundation of basic security techniques combined with effective security
monitoring. This book will help you gain a red team perspective on
exploiting system design and master techniques to prevent APT attacks.
Once you've understood the internal design of operating systems, you'll
be ready to get hands-on with red team attacks and, further, learn how
to create and compile C source code into an EXE program file. Throughout
this book, you'll explore the inner workings of how Windows systems run
and how attackers abuse this knowledge to bypass antivirus products and
protection.
As you advance, you'll cover practical examples of malware and online
game hacking, such as EXE infection, shellcode development, software
packers, UAC bypass, path parser vulnerabilities, and digital signature
forgery, gaining expertise in keeping your system safe from this kind of
malware.
By the end of this book, you'll be well equipped to implement the red
team techniques that you've learned on a victim's computer environment,
attempting to bypass security and antivirus products, to test its
defense against Windows APT attacks.
What You Will Learn:
-
Explore various DLL injection techniques for setting API hooks
-
Understand how to run an arbitrary program file in memory
-
Become familiar with malware obfuscation techniques to evade antivirus
detection
-
Discover how malware circumvents current security measures and tools
-
Use Microsoft Authenticode to sign your code to avoid tampering
-
Explore various strategies to bypass UAC design for privilege
escalation
Who this book is for:
This book is for cybersecurity professionals- especially for anyone
working on Windows security, or malware researchers, network
administrators, ethical hackers looking to explore Windows exploit,
kernel practice, and reverse engineering. A basic understanding of
reverse engineering and C/C++ will be helpful.
