
The Art of Mac Malware, Volume 1 vs Les virus informatiques : théorie, pratique et applications: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Advanced · 4/5 · 2022
The Art of Mac Malware, Volume 1

The Guide to Analyzing Malicious Software

Patrick Wardle

Patrick Wardle's deep dive on macOS malware analysis: persistence patterns, injection techniques, anti-analysis tricks, and the macOS-specific tooling needed to triage real samples.

Éric Filiol's reference French-language treatment of computer virology. Formal theory, infection mechanisms, offensive and defensive applications, with academic rigor rare on the topic.

Read this if

Wardle: Malware analysts who need to handle macOS samples and have so far worked Windows-only. The only serious book in print on Mac malware, by the most prominent practitioner in the field.

Filiol: French-reading security students, researchers, and advanced malware analysts who want a formal treatment; French-language literature on the topic is thin.

Skip this if

Wardle: Analysts who don't see macOS in their pipeline. The platform specifics (Mach-O, code signing, TCC, XPC, launch agents) are non-transferable to other operating systems.

Filiol: Readers looking for a tooling manual or an introduction. Filiol's writing is dense; algorithmic and systems fundamentals are required.

Key takeaways

The Art of Mac Malware, Volume 1

  • Mach-O analysis differs from PE analysis in non-trivial ways; the chapters on entitlements, code signing, and notarization are the practical foundation.
  • macOS persistence has its own taxonomy (LaunchAgents, LaunchDaemons, login items, period plists, dylib hijacks); learning it is half the analyst's job.
  • Apple's own tooling (Console.app, sample, fs_usage, Endpoint Security framework) is the right starting toolkit for triage; Wardle's framing is the cleanest in print.

Les virus informatiques : théorie, pratique et applications

  • Prix Roberval 2005 (higher-education category), one of the few French cyber books awarded at that level.
  • Filiol is a former military cryptanalyst and ran ESAT then ESIEA's virology lab; academic sourcing is visible chapter by chapter.
  • The only French-language book that treats computer virology with university-textbook rigor.

How they compare

We rate Les virus informatiques : théorie, pratique et applications higher (5/5 against 4/5 for The Art of Mac Malware, Volume 1). For most readers, that means Les virus informatiques : théorie, pratique et applications is the primary pick and The Art of Mac Malware, Volume 1 is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

The Art of Mac Malware, Volume 1 and Les virus informatiques : théorie, pratique et applications both cover malware and reverse engineering, so reading them in sequence reinforces the same material from different angles.
