Cyber Shelf

// Prerequisites

What to read before Evading EDR

If Evading EDR feels too steep at advanced level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

OffensiveMalwareDetection

  1. 01 · 2018

    Malware Data Science

    Saxe and Sanders apply machine-learning techniques (classification, clustering, deep learning) to malware detection and attribution, with working Python code and real corpora.

    Intermediate
    4/5Joshua Saxe, Hillary Sanders

  2. 02 · 2008

    Hacking: The Art of Exploitation

    A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.

    Intermediate
    5/5Jon Erickson

  3. 03 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5Michael Sikorski, Andrew Honig

  4. 04 · 2013

    The Practice of Network Security Monitoring

    Richard Bejtlich's NSM playbook: how to deploy collection sensors, validate that you actually see what you think you see, and build detection workflows around open-source tools.

    Intermediate
    5/5Richard Bejtlich

  5. 05 · 2011

    A Bug Hunter's Diary

    Tobias Klein walks through seven real vulnerabilities he found and exploited, in the form of personal lab notes, what he tried, what failed, and what eventually shipped to vendors.

    Intermediate
    4/5Tobias Klein

  6. 06 · 2013

    Applied Network Security Monitoring

    A practitioner's walkthrough of building an NSM capability end to end, from deciding what to collect through detection and the analysis workflow that ties it together. The tooling is dated, but the way it teaches you to think about monitoring is not.

    Intermediate
    4/5Chris Sanders, Jason Smith

  7. 07 · 2024

    Black Hat Bash

    Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

    Intermediate
    4/5Nick Aleks, Dolev Farhi

  8. 08 · 2020

    Black Hat Go

    Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

    Intermediate
    4/5Tom Steele, Chris Patten, Dan Kottmann
Back to Evading EDRWhat to read after Evading EDR