»
Managed Code Rootkits
 
 

Managed Code Rootkits, 1st Edition

Hooking into Runtime Environments

 
Managed Code Rootkits, 1st Edition,Erez Metula,ISBN9781597495745
 
 
 

  

Syngress

9781597495745

9781597495752

336

235 X 191

A new type of rootkit means a new type of defense. Get all the facts you need to protect against this new attack vector!

Print Book

Paperback

In Stock

Estimated Delivery Time
GBP 30.99

eBook
eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

This product is currently not available.
 
 

Key Features

  • Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scanarios

Description

Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack-the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be JAVA, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one stop shop for this new attack vector.

Readership

Intermediate to advanced pen testers; hackers; malware researchers; software engineers; OS designers and developers

Erez Metula

Erez Metula (CISSP) is an application security researcher specializing in secure development practices, penetration testing, code reviews, and security training for developers. He has extensive hands-on experience performing security assessments and training for organizations worldwide. Erez is the founder of AppSec. He is also a leading instructor at many information security training sessions. He is a constant speaker at security conferences, and has spoken at Black Hat, DEF CON, CanSecWest, OWASP, and more.

Affiliations and Expertise

CISSP, Founder of AppSec

Managed Code Rootkits, 1st Edition

Part I: Overview
Chapter 1: Introduction
Chapter 2: Managed Code Rootkits
Part II: Malware Development
Chapter 3: Tools of the Trade
Chapter 4: Runtime Modification
Chapter 5: Manipulating the Runtime
Chapter 6: Extending the Language with a Malware API
Chapter 7: Automated Framework Modification
Chapter 8: Advanced Topics
Part III: Countermeasures
Chapter 9: Defending against MCRs
Part IV: Where Do We Go from Here?
Chapter 10: Other Uses of Runtime Modification

Quotes and reviews

"A well-put-together work: I was able to put some of the tasks to work for me right away. An excellent resource: Technical enough to be useful, but not overly technical." -- Chris Griffin, Trainer, ISECOM USA

"As someone who has to deal with .NET security every day, I always look for new ideas and tools to make .NET applications more secure. This book provides both. It's especially valuable when you have to protect apps without having access to their original source code." -- Kyle C. Quest, GREM, GWAPT, GCIH, GCFA, GCIA, GCWN, GCUX, GCFW, GSNA, CISSP, CIPP, Director of Security Engineering, MetraTech

"Overall the book is very well structured and presented in a way that maintains the reader’s interest as the author delves ever deeper into why hackers use MCRs to target an organisation’s applications. Continuity of the content is maintained by helpful summaries at the end of each chapter… Mr Metula is a consummate and talented security practitioner who knows his subject thoroughly. I consider this book to be excellent value for money and would recommend it to any security professional. In today’s austere economic climate, modern IT solutions are being sought that are proven value for money. The use of virtual servers is rapidly increasing as they provide better utilisation and increased productivity of existing resources. This book highlights the risks of adopting such technology and provides valuable advice on countermeasures to mitigate those risks."--InfoSecReviews.com

"In today’s austere economic climate, modern IT solutions are being sought?that are proven value for money. The use of virtual servers is rapidly increasing?as they provide better utilisation and increased productivity of existing resources. This book highlights the risks of adopting such technology and provides valuable advice on countermeasures to mitigate those risks."--Best Hacking and Pen Testing Books in InfoSecReviews Book Awards

 
 
Discount on all Earth,Environment and Energy Titles | Use Promo Code EARTH
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ