Status: Available
Rating: 4.5 (23 reviews)
ISBN 10: 1598220616
ISBN 13: 9781598220612
Author: Bill Blunden
Table of Contents

Part I: Foundational Concepts
  Chapter 1: Operating System Internals Primer
    Kernel Mode vs. User Mode
    Memory Management (Virtual Memory, Paging)
    Process and Thread Management
    System Calls (Syscalls)
    Interrupts and Exception Handling
    Filesystems and I/O Operations
    Kernel Objects and Data Structures
  Chapter 2: Malware Fundamentals
    Types of Malware (Viruses, Worms, Trojans, Spyware, Adware, Rootkits)
    Basic Malware Techniques (Persistence, Obfuscation, Anti-Analysis)
    Introduction to Assembly Language (x86/x64)
    Disassembly and Debugging Tools

Part II: User-Mode Rootkits
  Chapter 3: User-Mode Hooking Techniques
    API Hooking (DLL Injection, Detours, Trampolines)
    IAT (Import Address Table) Hooking
    EAT (Export Address Table) Hooking
    Inline Hooking (Code Patching)
    Case Studies: Real-World User-Mode Rootkits
  Chapter 4: Process Hiding and Manipulation
    Injecting Code into Other Processes
    Process Suspension and Resumption
    Process Hollowing and Doppelganging
    Hiding Processes from Task Manager and Other Tools
  Chapter 5: File and Registry Hiding in User Mode
    Hooking File System APIs (e.g., NtQueryDirectoryFile)
    Manipulating Registry Access Functions
    Techniques for Hiding Files and Registry Keys

Part III: Kernel-Mode Rootkits
  Chapter 6: Introduction to Kernel-Mode Development
    Kernel Development Environment Setup (Windows Driver Kit)
    Driver Structure and Loading
    Debugging Kernel-Mode Code
    Ring 0 vs. Ring 3 Revisited
  Chapter 7: Kernel-Mode Hooking
    SSDT (System Service Descriptor Table) Hooking
    IRP (I/O Request Packet) Hooking
    Object Hooking (Object Callbacks)
    Interrupt Descriptor Table (IDT) and Global Descriptor Table (GDT) Hooking
    Direct Kernel Object Manipulation (DKOM)
  Chapter 8: Hiding Processes and Files in the Kernel
    Unlinking EPROCESS Blocks
    Manipulating Callback Routines
    Directly Modifying File System Structures
    Stealth Techniques for Kernel Drivers
  Chapter 9: Network Traffic Interception and Manipulation
    Hooking Network Drivers (NDIS)
    Packet Sniffing and Injection in Kernel Mode
    Firewall Evasion Techniques
  Chapter 10: Advanced Persistence and Evasion
    Bootkits and BIOS/UEFI Rootkits (Introduction)
    Virtual Machine-Based Rootkits (VMBRs)
    Anti-Forensics Techniques
    Rootkit Detection Evasion (Against Signature, Heuristic, and Behavioral Analysis)

Part IV: Detection and Defense
  Chapter 11: Rootkit Detection Techniques
    Signature-Based Detection
    Integrity Checking and Hash Comparisons
    Behavioral Analysis (Monitoring APIs, System Calls)
    Cross-View/Cross-Verification Analysis
    Memory Forensics for Rootkit Detection
    Hardware-Assisted Virtualization for Detection
  Chapter 12: Rootkit Removal and Prevention Strategies
    Live vs. Offline Analysis
    Specialized Rootkit Removers
    Operating System Security Features (PatchGuard, Driver Signing)
    Secure Boot and Trusted Platform Modules (TPMs)
    Best Practices for System Hardening
Tags: Bill Blunden, Rootkit, Arsenal