Windows APT Warfare (eBook)

Identify and prevent Windows APT attacks effectively
eBook Download: EPUB
2023
258 Seiten
Packt Publishing (Verlag)
978-1-80461-721-2 (ISBN)

Lese- und Medienproben

Windows APT Warfare - Sheng-Hao Ma, Ziv Chang, Federico Maggi
Systemvoraussetzungen
36,66 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Learn Windows system design from the PE binary structure to modern and practical attack techniques used by red teams to implement advanced prevention



Purchase of the print or Kindle book includes a free PDF eBook

Key Features



  • Understand how malware evades modern security products
  • Learn to reverse engineer standard PE format program files
  • Become familiar with modern attack techniques used by multiple red teams

Book Description



An Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you've understood the internal design of operating systems, you'll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you'll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection.

As you advance, you'll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware.

By the end of this book, you'll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.

What you will learn



  • Explore various DLL injection techniques for setting API hooks
  • Understand how to run an arbitrary program file in memory
  • Become familiar with malware obfuscation techniques to evade antivirus detection
  • Discover how malware circumvents current security measures and tools
  • Use Microsoft Authenticode to sign your code to avoid tampering
  • Explore various strategies to bypass UAC design for privilege escalation

Who this book is for



This book is for cybersecurity professionals- especially for anyone working on Windows security, or malware researchers, network administrators, ethical hackers looking to explore Windows exploit, kernel practice, and reverse engineering. A basic understanding of reverse engineering and C/C++ will be helpful.


Learn Windows system design from the PE binary structure to modern and practical attack techniques used by red teams to implement advanced preventionPurchase of the print or Kindle book includes a free PDF eBookKey FeaturesUnderstand how malware evades modern security productsLearn to reverse engineer standard PE format program filesBecome familiar with modern attack techniques used by multiple red teamsBook DescriptionAn Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you've understood the internal design of operating systems, you'll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you'll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection. As you advance, you'll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware. By the end of this book, you'll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.What you will learnExplore various DLL injection techniques for setting API hooksUnderstand how to run an arbitrary program file in memoryBecome familiar with malware obfuscation techniques to evade antivirus detectionDiscover how malware circumvents current security measures and toolsUse Microsoft Authenticode to sign your code to avoid tamperingExplore various strategies to bypass UAC design for privilege escalationWho this book is forThis book is for cybersecurity professionals- especially for anyone working on Windows security, or malware researchers, network administrators, ethical hackers looking to explore Windows exploit, kernel practice, and reverse engineering. A basic understanding of reverse engineering and C/C++ will be helpful.
Erscheint lt. Verlag 10.3.2023
Sprache englisch
Themenwelt Mathematik / Informatik Informatik Web / Internet
ISBN-10 1-80461-721-0 / 1804617210
ISBN-13 978-1-80461-721-2 / 9781804617212
Haben Sie eine Frage zum Produkt?
EPUBEPUB (Adobe DRM)
Größe: 40,6 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belle­tristik und Sach­büchern. Der Fließ­text wird dynamisch an die Display- und Schrift­größe ange­passt. Auch für mobile Lese­geräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich