Windows APT Warfare : Identify and prevent Windows APT attacks effectively - Sheng-Hao Ma

Windows APT Warfare

Identify and prevent Windows APT attacks effectively

By: Sheng-Hao Ma, Ziv Chang, Federico Maggi

eBook | 10 March 2023


With the help of red-team techniques, learn Windows system design starting from the PE binary structure and culminating in the modern attack techniques used by multiple red teams in practice.

Key Features

  • Explore how modern compilers generate executable files from scratch
  • Learn to write and develop a Windows Shellcode Generator in Python
  • Understand several ways malware evades modern security products and tactics

Book Description

This book will help you learn the inner workings of Windows systems and gain a red team perspective on how to abuse system design to achieve mainstream APT attack techniques.

The book distills three areas, reverse engineering, compilers, and system practice principles, into a practical study of Windows cyberattacks, and explains from a red-team perspective the attack techniques that national cyber armies have used in recent years, built on the solid foundation of PE attack techniques. This book also covers practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery.

At the end of this book, you will be able to combine the techniques in this book with the victim's computer environment to construct appropriate ways to bypass security and anti-virus products.

What you will learn

  • Discover how contemporary compilers create executable files from nothing
  • Learn how the Windows OS dynamically prepares any software file for execution
  • Understand how malware circumvents current security measures and tools
  • Learn how to decompile program files in the common PE format
  • Find out how attackers undermine system functions and exploit vulnerabilities

Who This Book Is For

This book is for Windows engineers, malware researchers, network administrators, and ethical hackers who want to apply their skills in Windows exploitation, kernel practice, and reverse engineering. Readers need to have basic knowledge of C/C++ and hands-on experience with reverse engineering.

Table of Contents

  1. From Source to Binaries: The Journey of a C Program
  2. Process Memory: File Mapping, PE Parser, Tiny-Linker, and Hollowing
  3. Dynamic API Calling: Thread, Process, and Environment Information
  4. Shellcode Technique: Export Functions Parsing
  5. Application Loader Design
  6. PE Module Relocation
  7. PE To Shellcode: Transform PE Files into Shellcode
  8. Software Packer Design
  9. Digital Signature: Authenticode, Verify, and Attacks
  10. Reversing User Account Control (UAC) and Bypass Tricks
  11. Appendix: NTFS, Paths, and Symbols