The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory 1st Edition
Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst's Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics, now the most sought-after skill in the digital forensics and incident response fields.
Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques:
- How volatile memory analysis improves digital investigations
- Proper investigative steps for detecting stealth malware and advanced threats
- How to use free, open source tools for conducting thorough memory forensics
- Ways to acquire memory from suspect systems in a forensically sound manner
The next era of malware and security breaches is more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32- and 64-bit editions.
Editorial Reviews
From the Inside Flap
SOPHISTICATED DISCOVERY AND ANALYSIS FOR THE NEXT WAVE OF DIGITAL ATTACKS
The Art of Memory Forensics, a follow-up to the bestselling Malware Analyst’s Cookbook, is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors’ popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software.
Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove the system’s involvement in a crime, and can even destroy it completely. By implementing memory forensics techniques, analysts are able to preserve memory resident artifacts which often provides a more efficient strategy for investigating modern threats.
In The Art of Memory Forensics, the Volatility Project’s team of experts provides functional guidance and practical advice that helps readers to:
- Acquire memory from suspect systems in a forensically sound manner
- Learn best practices for Windows, Linux, and Mac memory forensics
- Discover how volatile memory analysis improves digital investigations
- Delineate the proper investigative steps for detecting stealth malware and advanced threats
- Use free, open source tools to conduct thorough memory forensics investigations
- Generate timelines, track user activity, find hidden artifacts, and more
The companion website provides exercises for each chapter, plus data that can be used to test the various memory analysis techniques in the book. Visit our website at www.wiley.com/go/memoryforensics.
About the Author
Andrew Case is a Digital Forensics Researcher specializing in memory, disk, and network forensics.
Jamie Levy is a Senior Researcher and Developer, targeting memory, network, and malware forensics analysis.
AAron Walters is founder and lead developer of the Volatility Project, President of the Volatility Foundation, and Chair of the Open Memory Forensics Workshop.
Product details
- Publisher : Wiley
- Publication date : July 28, 2014
- Edition : 1st
- Language : English
- Print length : 912 pages
- ISBN-10 : 1118825098
- ISBN-13 : 978-1118825099
- Item Weight : 3.35 pounds
- Dimensions : 7.3 x 1.75 x 9.25 inches
- Best Sellers Rank: #185,942 in Books
  - #27 in Computer Viruses
  - #39 in Web Encryption
  - #116 in Computer Network Security
About the authors
Jamie Levy is a senior researcher and developer with the Volatility Foundation. She worked on various R&D projects and forensic cases while previously working at Guidance Software, Inc. Jamie has taught classes in Computer Forensics and Computer Science at Queens College (CUNY) and John Jay College (CUNY). She has an MS in Forensic Computing from John Jay College and is an avid contributor to the open source Computer Forensics community. She is an active developer on the Volatility Framework. Jamie has authored peer-reviewed conference publications and presented at conferences (OMFW, CEIC, IEEE ICC) on the topics of memory, network, and malware forensics analysis. Websites: http://gleeda.blogspot.com.
Customer reviews
Customers say
Customers find the book well-written and in-depth, with one review highlighting its fantastic job of explaining technical analysis concepts. Moreover, the book serves as a definitive guide to memory forensics, and customers appreciate its well-structured format. However, opinions on value for money are mixed, with some customers finding it well worth the price.
AI Generated from the text of customer reviews
Customers find the book informative and detailed, with one customer highlighting its fantastic job of explaining technical analysis concepts.
"Delivers detailed and accurate information, practical examples, additional information available online: "The book's supplementary materials are..."
"...The book is an essential reference, reasonably complete and well written...."
"Good overview and seems technically correct. Very good explanation and usage of the volatility framework."
"The best technical book on the subject of memory forensics to date...."
Customers praise this book as a definitive guide to memory forensics, with one customer noting it is the most detailed book in the volatile memory space.
"The Art of Memory Forensics is one of the best written and edited tech books I have read...."
"...best books in the digital forensics space and the most detailed book in the volatile memory space."
"...is written by the Core Developers of Volatility and pioneers in the field of memory forensics...."
"...Outstanding material, this book offers an in-depth, in-depth approach to memory analysis...."
Customers find the book well written, with one customer noting it's a technical book by an industry leading expert, and several mentioning it helps in writing their own plugins.
"The Art of Memory Forensics is one of the best written and edited tech books I have read...."
"...Thanks to one of the most well-organized, well-written, and informative I.T. books I have ever read, I was able to effectively isolate this piece of..."
"...Silly me. This book is so well structured and written. Makes memory forensics fun."
"...The book is an essential reference, reasonably complete and well written...."
Customers appreciate the structure of the book.
"...Thanks to one of the most well-organized, well-written, and informative I.T. books I have ever read, I was able to effectively isolate this piece of..."
"...The book is very well structured it covers the internals of the Operating System and then the authors explain how the structures are used by the..."
"...Silly me. This book is so well structured and written. Makes memory forensics fun."
Customers have mixed opinions about the book's value for money, with some finding it well worth the price.
"...Well worth the price. A must for any serious forensics analyst who wants to stand out amongst his/her peers."
"...but the site, for a book this costly, needs to be completed...."
"Well worth the price, value far exceeds...."
Top reviews from the United States
- Reviewed in the United States on November 14, 2014. Format: Paperback. Verified Purchase.
This book is one of the best books I have read in recent years. This is a book for anyone in the field of Incident Response, Malware Analysis, Reverse Engineering and Digital Forensics. This book is written by the Core Developers of Volatility and pioneers in the field of memory forensics. The book is very well structured: it covers the internals of the Operating System and then the authors explain how the structures are used by the plugins; the authors also show how these plugins can be run against the memory images with real case examples to identify forensic artifacts. In many cases the authors show how to access the operating system structures programmatically using volshell; this can help in writing your own plugins, and the authors also reference various external sources where you can find more information on a specific topic. The book covers many creative techniques that you can apply in the real world and it also covers information on Anti-Forensics techniques and how to detect them by cross-referencing them with different plugins/data sources. The amount of detail explained in the book shows the knowledge and amount of research the authors have done in this field and the effort the authors have put in to write this book and the Volatility plugins. In short, after reading this book you will understand how the operating system works, how Volatility works, how malware works, how memory forensics works, how to identify malware and forensic artifacts using memory forensics, and how to write your own plugin. I have never seen any book covering this many details; this is one book for everything on memory forensics. This definitely should be the Book of the Year. If there was an option of giving this book ten stars, I would give it ten stars.
- Reviewed in the United States on September 18, 2014. Format: Paperback. Verified Purchase.
At this writing (Fall 2014) the Wiley instructor companion website is not up to Wiley standards (yet). I wanted to test the code for this review, but the code section on the site only defaults to the Creative Commons license (both the code and license links). Same with all the chapters: they only display commons, a strawman syllabus and an intro letter. The only resource that is already up is the PowerPoint presentation, and at over 100 pages it is simply OUTSTANDING, which whets the appetite even more for the rest of the outlines, solutions, code, and much more.
So, Wiley, get with it! If you are considering buying this, add your vote in comments and Wiley might listen. I'll update this once we get the code, both with quality of the code and where it can be used. Going over the license so far, it is quite generous, much like GNU with an attribution link, although of course more robust beyond teaching (e.g. commercial) if you do get permission. The text itself has wonderful, up to date sploit and software info, patches, etc., but the site, for a book this costly, needs to be completed. I'm not recommending you pass on this because of it, but we won't be getting the full value for our purchase, nor will our students, until the site is completed.
REVIEW UPDATE: SEE MICHAEL'S COMMENT ATTACHED TO THIS REVIEW. Although Amazon's automated system generally removes links, the comment gives complete and up to date online resources for this book, as the publisher's link is incomplete, and will not be updated. The publisher promotion of online evidence samples, code, etc. is not wrong or deceptive; it is just on GitHub rather than the publisher's site as indicated. PLEASE VIEW THE COMMENT AND VISIT THE SITES INDICATED IN THE COMMENT BEFORE LEAVING A NEGATIVE REVIEW; the resources ARE there, just not where advertised. Also, see Michael's other best seller at: Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code.
If you are price conscious, notice that in addition to the generous web resources in the comment (including open source/freeware), the book is over 900 pages long, and PACKED with practical, use-it-now reference and learning tools. I've already visited the samples, and they are awesome, especially given that they cover the most frequent o/s permutations. Both Windows and Linux give the exact traces indicated; these authors are the real thing.
- Reviewed in the United States on February 23, 2015. Format: Paperback. Verified Purchase.
I have worked in I.T. for 15 years, in Windows system administration, database administration, and utility software development. About one month ago I started reading heavily on security, and planned for 2015 a shift in career focus to that discipline. So I bought this book and began to read. This had immediate payoff just 2 days ago when I noticed an email from our security team that an IDS had detected a possible Trojan signature on one of our servers. Another analyst ran a full AV scan, and when she found nothing, the email thread dried up. Not so convinced (I had just read the fact on Mandiant's website that "100% of victims had up-to-date AV software"), I triggered a complete memory dump on the server using LiveKD and began working on it with WinDbg commands and Volatility Framework. Within the first few hours, it appeared that there certainly looked to be a rootkit-like presence, but with my limited security knowledge and, even though I debug a kernel dump every now and then, I don't usually look at things like the IDT 2e entry, etc. However, 15 hours into researching my first real-life production issue, I completely narrowed down the source and contacted the security team and account management. This server would have continued to operate under the radar with the standard tools continually missing the malware's presence and caused who knows what problems. Thanks to one of the most well-organized, well-written, and informative I.T. books I have ever read, I was able to effectively isolate this piece of malware. This book is an absolute must for anyone even employed in I.T. with responsibilities over safeguarding company networks and infrastructure, and (unfortunately) these days, should probably be employed by anyone at all that plugs in an Ethernet cable or attaches to Wi-Fi! Outstanding material; thanks very much.
Top reviews from other countries
Derek Armstrong, reviewed in Canada on July 30, 2017. 5.0 out of 5 stars: If you do any kind of forensics, you need ...
Format: Paperback. Verified Purchase.
If you do any kind of forensics, you need memory forensics. And this book is the current bible for it. I have learned more from this book than any other in digital security.
jubalgunn, reviewed in the United Kingdom on November 14, 2015. 5.0 out of 5 stars: Essential for those conducting memory analysis.
Format: Paperback. Verified Purchase.
The Art of Memory Forensics is like the equivalent of the bible in Memory Forensic terms. It is a must have and a must have if you are actively involved in computer forensic investigations, whether this be in the private or public sector. Do not be intimidated by the size of the book; it is very well laid out, easy to understand and contains a treasure trove of information concerning the examination of memory. The main tool used is Volatility, which this book explains in detail how to use and leverage in investigations to get the most evidence.
christian, reviewed in Italy on January 21, 2021. 5.0 out of 5 stars: Excellent point of reference
Format: Paperback. Verified Purchase.
The book comes across well, very detailed in the various processes, with very technical explanations.
Eliana N. Vale, reviewed in Brazil on May 4, 2021. 5.0 out of 5 stars: The book was bought as a gift
Format: Paperback. Verified Purchase.
It seems to be very good; it was recommended by a specialist in the field.
Lucas, reviewed in France on August 30, 2021. 5.0 out of 5 stars: Very good book
Format: Paperback. Verified Purchase.
A very good book, but to really appreciate it you will nonetheless need a solid technical foundation.