Cyber Shelf

// Comparison

The Art of Mac Malware, Volume 1 vs Les virus informatiques: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Advanced
4/52022
The Art of Mac Malware, Volume 1

The Guide to Analyzing Malicious Software

Patrick Wardle

Patrick Wardle's deep dive on macOS malware analysis: persistence patterns, injection techniques, anti-analysis tricks, and the macOS-specific tooling needed to triage real samples.

Advanced
4/52009
Les virus informatiques

Théorie, pratique et applications

Éric Filiol

The reference French academic treatment of computer virology — the theory, algorithms and practice of viruses and malicious code — by Éric Filiol, a former military cryptanalyst and one of France's leading virologists.

Read this if

Malware analysts who need to handle macOS samples and have so far worked Windows-only. The only serious book in print on Mac malware, by the most prominent practitioner in the field.
Students, researchers and serious malware analysts who want the formal, algorithmic foundations of viral code, not just tool tutorials. Filiol writes from deep cryptanalysis and military research experience.

Skip this if

Analysts who don't see macOS in their pipeline. The platform specifics (Mach-O, code signing, TCC, XPC, launch agents) are non-transferable to other operating systems.
Beginners or readers wanting a practical malware-analysis walkthrough; it's rigorous, theory-first and mathematical, closer to a graduate text than a lab guide.

Key takeaways

  • Mach-O analysis differs from PE analysis in non-trivial ways; the chapters on entitlements, code signing, and notarization are the practical foundation.
  • macOS persistence has its own taxonomy (LaunchAgents, LaunchDaemons, login items, period plists, dylib hijacks); learning it is half the analyst's job.
  • Apple's own tooling (Console.app, sample, fs_usage, Endpoint Security framework) is the right starting toolkit for triage; Wardle's framing is the cleanest in print.
  • The canonical French-language text on the theory of computer viruses, by a recognised authority.
  • Theory- and algorithm-first: formal models of self-reproduction, detection complexity, and viral techniques.
  • Best read after a practical malware book — it explains why the techniques work, not how to click through a sandbox.

How they compare

The Art of Mac Malware, Volume 1 and Les virus informatiques are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

The Art of Mac Malware, Volume 1 and Les virus informatiques both cover Malware, Reverse Engineering, so reading them in sequence reinforces the same material from different angles.

Keep reading

The Art of Mac Malware, Volume 1

Alternatives to The Art of Mac Malware, Volume 1What to read after The Art of Mac Malware, Volume 1

Les virus informatiques

Alternatives to Les virus informatiquesWhat to read after Les virus informatiques

Related topics

MalwareReverse Engineering