Rootkits and Bootkits

<i>Rootkits and Bootkits</i> will teach you how to understand and counter sophisticated advanced threats buried deep in a machine's boot process or UEFI firmware. <p/>With the aid of numerous case studies and professional research from three of the world's leading security experts you'll trace malware development over time from rootkits like TDL3 to present-day UEFI implants and examine how they infect a system persist through reboot and evade security software. As you inspect and dissect real malware you'll learn: <p/>- How Windows boots--including 32-bit 64-bit and UEFI mode--and where to find vulnerabilities<br>- The details of boot process security mechanisms like Secure Boot including an overview of Virtual Secure Mode (VSM) and Device Guard <br>- Reverse engineering and forensic techniques for analyzing real malware including bootkits like Rovnix/Carberp Gapz TDL4 and the infamous rootkits TDL3 and Festi<br>- How to perform static and dynamic analysis using emulation and tools like Bochs and IDA Pro <br>- How to better understand the delivery stage of threats against BIOS and UEFI firmware in order to create detection capabilities<br>- How to use virtualization tools like VMware Workstation to reverse engineer bootkits and the Intel Chipsec tool to dig into forensic analysis <p/>Cybercrime syndicates and malicious actors will continue to write ever more persistent and covert attacks but the game is not lost. Explore the cutting edge of malware analysis with <i>Rootkits and Bootkits.<br></i><br> <b>Covers boot processes for Windows 32-bit and 64-bit operating systems.</b>