// Comparison

Evasive Malware vs Les virus informatiques : théorie, pratique et applications: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Advanced

4/52024

A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats

Kyle Cucci

Kyle Cucci on the anti-analysis arms race: sandbox detection, anti-debug, anti-VM, packing, and the analyst-side tooling and tradecraft that get past those layers.

Advanced

5/52009

Les virus informatiques : théorie, pratique et applications

Éric Filiol

Éric Filiol's reference French-language treatment of computer virology. Formal theory, infection mechanisms, offensive and defensive applications, with academic rigor rare on the topic.

Read this if

Malware analysts who finished Practical Malware Analysis and keep getting beaten by samples that detect their sandbox. The current reference on anti-analysis tradecraft, by a respected sandbox-and-detection practitioner.

French-reading security students, researchers, advanced malware analysts who want a formal treatment — French-language literature on the topic is thin.

Skip this if

Beginners. Cucci assumes you already know how to set up a sandbox, run static and dynamic analysis, and read assembly; the book picks up where PMA leaves off.

Readers looking for a tooling manual or introduction. Filiol writes dense; algorithmic and systems fundamentals are required.

Key takeaways

Anti-VM and anti-sandbox checks now run as the first instructions of most samples; the book catalogues the dominant patterns and how to neutralise them.
Modern packers are conceptually simple but operationally demanding; Cucci's framing of unpacking-as-staged-emulation is the cleanest in print.
Control-flow obfuscation (opaque predicates, virtualization-based protections) is the analyst's hardest current problem; the chapters on it justify the book on their own.

Prix Roberval 2005 (higher-education category) — one of the few French cyber books awarded at that level.
Filiol is a former military cryptanalyst and ran ESAT then ESIEA's virology lab; academic sourcing is visible chapter by chapter.
The only French-language book that treats computer virology with university-textbook rigor.

How they compare

We rate Les virus informatiques : théorie, pratique et applications higher (5/5 against 4/5 for Evasive Malware). For most readers, that means Les virus informatiques : théorie, pratique et applications is the primary pick and Evasive Malware is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Evasive Malware and Les virus informatiques : théorie, pratique et applications both cover Malware, Reverse Engineering, so reading them in sequence reinforces the same material from different angles.

Keep reading

Evasive Malware

→ Alternatives to Evasive Malware → What to read after Evasive Malware