Cyber Shelf

// Alternatives

Alternatives to Practical Reverse Engineering

Books in our catalog with overlapping topics and a similar reading level to Practical Reverse Engineering. If Practical Reverse Engineering is the wrong fit at advanced level, start here.

Reverse EngineeringMalwareWindows Internals

  1. 01 · 2019

    Rootkits and Bootkits

    Matrosov, Rodionov and Bratus on persistent, deeply-embedded malware: kernel rootkits, MBR/UEFI bootkits, and the forensic techniques that surface them. Strongly Windows-internals oriented.

    Advanced
    4/5Alex Matrosov, Eugene Rodionov, Sergey Bratus

  2. 02 · 2024

    Evasive Malware

    Kyle Cucci on the anti-analysis arms race: sandbox detection, anti-debug, anti-VM, packing, and the analyst-side tooling and tradecraft that get past those layers.

    Advanced
    4/5Kyle Cucci

  3. 03 · 2022

    The Art of Mac Malware, Volume 1

    Patrick Wardle's deep dive on macOS malware analysis: persistence patterns, injection techniques, anti-analysis tricks, and the macOS-specific tooling needed to triage real samples.

    Advanced
    4/5Patrick Wardle

  4. 04 · 2009

    Les virus informatiques

    The reference French academic treatment of computer virology — the theory, algorithms and practice of viruses and malicious code — by Éric Filiol, a former military cryptanalyst and one of France's leading virologists.

    Advanced
    4/5Éric Filiol

  5. 05 · 2017

    Windows Internals, Part 1

    The canonical Microsoft Press reference on Windows internals: how processes, threads, memory and system services are actually implemented in the modern Windows kernel. User-mode focus in this volume.

    Advanced
    5/5Pavel Yosifovich, Alex Ionescu, Mark Russinovich, David Solomon

  6. 06 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5Michael Sikorski, Andrew Honig

  7. 07 · 2024

    Windows Security Internals

    Forshaw takes apart the Windows security model from the SRM and access tokens up through Kerberos, with live PowerShell you can run against your own machine. The most authoritative single source on how Windows actually decides who can do what.

    Advanced
    5/5James Forshaw

  8. 08 · 2021

    The Hardware Hacking Handbook

    Jasper van Woudenberg and Colin O'Flynn (NewAE / ChipWhisperer) on real hardware attacks: bus sniffing, fault injection, side-channel power analysis, and the lab work that turns a black box into a known target.

    Advanced
    5/5Jasper van Woudenberg, Colin O'Flynn

  9. 09 · 2018

    Practical Binary Analysis

    Dennis Andriesse on the binary toolchain you can actually script: ELF internals, dynamic taint analysis, symbolic execution and instrumentation with concrete code-along examples.

    Advanced
    5/5Dennis Andriesse

  10. 10 · 2014

    The Art of Memory Forensics

    Ligh, Case, Levy, and Walters' canonical reference on memory analysis with Volatility — the technique, the tooling, and the operating-system internals it depends on, across Windows, Linux, and macOS.

    Advanced
    5/5Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters
Back to Practical Reverse EngineeringWhat to read after Practical Reverse Engineering