Managed Code Rootkits: Hooking into Runtime Environments


Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack: the application level.

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems



It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network?

With an expanded discussion of network protocols and 45 completely new scenarios, this extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data. You’ll find new sections on troubleshooting slow networks and packet analysis for security to help you better understand how modern exploits and malware behave at the packet level. Add to this a thorough introduction to the TCP/IP network stack and you’re on your way to packet analysis proficiency.

The Art of Memory Forensics


Memory forensics provides cutting-edge technology to help investigate digital attacks. Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst’s Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics—now the most sought-after skill in the digital forensics and incident response fields. Beginning with introductory concepts and moving toward the advanced,