Cyber Shelf

// Comparison

Les virus informatiques vs Rootkits and Bootkits: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Advanced
4/52009
Les virus informatiques

Théorie, pratique et applications

Éric Filiol

The reference French academic treatment of computer virology — the theory, algorithms and practice of viruses and malicious code — by Éric Filiol, a former military cryptanalyst and one of France's leading virologists.

Advanced
4/52019
Rootkits and Bootkits

Reversing Modern Malware and Next Generation Threats

Alex Matrosov, Eugene Rodionov, Sergey Bratus

Matrosov, Rodionov and Bratus on persistent, deeply-embedded malware: kernel rootkits, MBR/UEFI bootkits, and the forensic techniques that surface them. Strongly Windows-internals oriented.

Read this if

Students, researchers and serious malware analysts who want the formal, algorithmic foundations of viral code, not just tool tutorials. Filiol writes from deep cryptanalysis and military research experience.
Malware analysts who need to handle below-the-OS persistence: kernel rootkits, MBR/UEFI bootkits, hypervisor-based threats. The deep specialist text in this corner of the field.

Skip this if

Beginners or readers wanting a practical malware-analysis walkthrough; it's rigorous, theory-first and mathematical, closer to a graduate text than a lab guide.
Generalist malware analysts, or anyone whose work doesn't touch firmware-level threats. The book is dense and assumes Windows internals fluency; readers without that background will struggle.

Key takeaways

  • The canonical French-language text on the theory of computer viruses, by a recognised authority.
  • Theory- and algorithm-first: formal models of self-reproduction, detection complexity, and viral techniques.
  • Best read after a practical malware book — it explains why the techniques work, not how to click through a sandbox.
  • Bootkits and UEFI rootkits are not theoretical; the book documents real samples (LoJax, MoonBounce, BlackLotus-class) and the techniques that make them detectable.
  • Secure Boot is necessary but not sufficient; the chapters on UEFI variables and SMM trust are required reading for anyone designing platform security.
  • Forensic detection of below-the-OS threats requires platform-specific tooling; the book's coverage of memory-acquisition pitfalls and integrity verification is the practical core.

How they compare

Les virus informatiques and Rootkits and Bootkits are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Les virus informatiques and Rootkits and Bootkits both cover Malware, Reverse Engineering, so reading them in sequence reinforces the same material from different angles.

Keep reading

Les virus informatiques

Alternatives to Les virus informatiquesWhat to read after Les virus informatiques

Rootkits and Bootkits

Alternatives to Rootkits and BootkitsWhat to read after Rootkits and Bootkits

Related topics

MalwareReverse Engineering