There was an email thread circulating here at GFI Sunbelt Labs listing good books about malware analysis. Someone said: “we should blog this.”

Here is a list of everybody’s picks:

“Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code,” by Michael Ligh, Steven Adair, Blake Hartstein and Matthew Richard (2010)

“Malware Forensics: Investigating and Analyzing Malicious Code,” by James M. Aquilina, Eoghan Casey and Cameron H. Malin (2008)

In-depth reads on malcode analysis and disassembling techniques:

“Reversing: Secrets of Reverse Engineering,” by Eldad Eilam (2005)

“The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler,” by Chris Eagle (2008)

“Disassembling Code: IDA Pro and SoftICE,” by Vlad Pirogov (2005)

“Rootkits: Subverting the Windows Kernel,” by Greg Hoglund and Jamie Butler (2005)

The classics:

“The Art of Computer Virus Research and Defense,” by Peter Szor (2005)

(Although this is five years old, it’s something of a classic. It’s a nice history of malicious code, detection techniques and just a really good all-around read.)

“Malware: Fighting Malicious Code,” by Ed Skoudis and Lenny Zeltser (2003)

Zeltser also has a web site with great information (2001, updated).

Thanks, Alex and Eric.

Tom Kelchner