What to read after Rootkits and Bootkits

Where to go after Rootkits and Bootkits, picked from our catalog. These picks are the next step up from the advanced level, weighted toward the topics this book covers.

  1. 01 · 2014

    Practical Reverse Engineering

    A working reverser's textbook from three Microsoft / Quarkslab veterans, covering the architectures and toolchain you'll actually meet on real targets, including the Windows kernel and modern obfuscation patterns.

    Advanced
    4/5 · Bruce Dang, Alexandre Gazet, Elias Bachaalany
  2. 02 · 2024

    Evasive Malware

    Kyle Cucci on the anti-analysis arms race: sandbox detection, anti-debug, anti-VM, packing, and the analyst-side tooling and tradecraft that get past those layers.

    Advanced
    4/5 · Kyle Cucci
  3. 03 · 2009

    Les virus informatiques

    The reference French academic treatment of computer virology — the theory, algorithms and practice of viruses and malicious code — by Éric Filiol, a former military cryptanalyst and one of France's leading virologists.

    Advanced
    4/5 · Éric Filiol
  4. 04 · 2022

    The Art of Mac Malware, Volume 1

    Patrick Wardle's deep dive on macOS malware analysis: persistence patterns, injection techniques, anti-analysis tricks, and the macOS-specific tooling needed to triage real samples.

    Advanced
    4/5 · Patrick Wardle
  5. 05 · 2017

    Windows Internals, Part 1

    The canonical Microsoft Press reference on Windows internals: how processes, threads, memory and system services are actually implemented in the modern Windows kernel. User-mode focus in this volume.

    Advanced
    5/5 · Pavel Yosifovich, Alex Ionescu, Mark Russinovich, David Solomon
  6. 06 · 2018

    Practical Binary Analysis

    Dennis Andriesse on the binary toolchain you can actually script: ELF internals, dynamic taint analysis, symbolic execution and instrumentation with concrete code-along examples.

    Advanced
    5/5 · Dennis Andriesse
  7. 07 · 2014

    The Art of Memory Forensics

    Ligh, Case, Levy, and Walters' canonical reference on memory analysis with Volatility — the technique, the tooling, and the operating-system internals it depends on, across Windows, Linux, and macOS.

    Advanced
    5/5 · Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters
  8. 08 · 2021

    The Hardware Hacking Handbook

    Jasper van Woudenberg and Colin O'Flynn (NewAE / ChipWhisperer) on real hardware attacks: bus sniffing, fault injection, side-channel power analysis, and the lab work that turns a black box into a known target.

    Advanced
    5/5 · Jasper van Woudenberg, Colin O'Flynn