Understanding the Purpose of Malware Analysis

Hackers use tools (known as malware: scripts, code, software, and so on) to carry out their attacks against targeted systems or networks. Once they have compromised a host, they often employ another set of tools to further exploit the system and its associated network. These tools are thus their weapons, and it is by examining these weapons that you will come to know and understand the intruders and their nefarious intentions. With that knowledge you can defeat them; in this case, that means naming them as defendants in a criminal proceeding.

What kind of knowledge and understanding can you expect to achieve by analyzing the intruder’s tools? Your purposes in this regard are many, but one of the first ...

Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.
