Acknowledgments

First, I would like to thank God for this blessing. Second, I would like to thank all the people who were involved in one way or another in the creation of this book: Amanda Russell, Brandi Shailer, Melinda Lytle, Wendy Rinaldi, and Amy Jollymore. Special thanks go out to Meghan Manfre for seeing the book through; Meghan’s support, patience, and understanding were instrumental in finishing this book. And thanks to Jong Purisima for sharing his views and expertise as technical editor of this book.

Thank you to Amit Yoran, President of RSA, for writing the foreword of this book. I really appreciate him taking time out of his busy schedule to share his thoughts about this book. A big thank you goes out to my colleagues, Rotem Salinas and Ahmed Sonbol, for their contribution in the laboratory part of this book.

Specifically, thanks to Rotem Salinas for sharing his knowledge in malware analysis through the following labs:

• Manually Unpacking a Packed Malware

• Analyzing a User Mode Rootkit

• Analyzing a Kernel Mode Rootkit

Also, thanks to Ahmed Sonbol for sharing his experience in Cuckoo through this lab:

• Installing and Configuring Cuckoo

Rotem Salinas is a security researcher on RSA’s FirstWatch Team. His work focuses on reverse engineering malware and research-oriented development of tools for this purpose. You are most likely to find him coding in Python, C++, Assembly, and .NET. Rotem has spoken at security conventions such as RSA Conference 2015 and RSA Global Summit 2014.

Ahmed Sonbol is a senior technologist at RSA, The Security Division of EMC. He focuses on malware analysis and reverse engineering. Ahmed has years of experience in writing log and network parsers for different RSA products. He holds a Master of Science Degree in Computer Science from Northeastern University in Boston and a Bachelor of Science Degree in Computer Science and Automatic Control from Alexandria University in Egypt.
