Description

Book Synopsis

Learn Windows system design from the PE binary structure to modern and practical attack techniques used by red teams to implement advanced prevention

Purchase of the print or Kindle book includes a free PDF eBook

Key Features
  • Understand how malware evades modern security products
  • Learn to reverse engineer standard PE format program files
  • Become familiar with modern attack techniques used by multiple red teams
Book Description

An Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you've understood the internal design of operating systems, you'll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you'll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection.

As you advance, you'll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware.

By the end of this book, you'll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.

What you will learn
  • Explore various DLL injection techniques for setting API hooks
  • Understand how to run an arbitrary program file in memory
  • Become familiar with malware obfuscation techniques to evade antivirus detection
  • Discover how malware circumvents current security measures and tools
  • Use Microsoft Authenticode to sign your code to avoid tampering
  • Explore various strategies to bypass UAC design for privilege escalation
Who this book is for

This book is for cybersecurity professionals- especially for anyone working on Windows security, or malware researchers, network administrators, ethical hackers looking to explore Windows exploit, kernel practice, and reverse engineering. A basic understanding of reverse engineering and C/C++ will be helpful.



Table of Contents
Table of Contents
  1. From Source to Binaries – The Journey of a C Program
  2. Process Memory – File Mapping, PE Parser, tinyLinker, and Hollowing
  3. Dynamic API Calling – Thread, Process, and Environment Information
  4. Shellcode Technique – Exported Function Parsing
  5. Application Loader Design
  6. PE Module Relocation
  7. PE to Shellcode – Transforming PE Files into Shellcode
  8. Software Packer Design
  9. Digital Signature – Authenticode Verification
  10. Reversing User Account Control and Bypassing Tricks
  11. Appendix – NTFS, Paths, and Symbols

Windows APT Warfare: Identify and prevent Windows

    Product form

    £32.29

    Includes FREE delivery

    RRP £33.99 – you save £1.70 (5%)

    Order before 4pm tomorrow for delivery by Wed 10 Jun 2026.

    A Paperback / softback by Sheng-Hao Ma, Ziv Chang, Federico Maggi

    1 in stock


      View other formats and editions of Windows APT Warfare: Identify and prevent Windows by Sheng-Hao Ma

      Publisher: Packt Publishing Limited
      Publication Date: 17/03/2023
      ISBN13: 9781804618110, 978-1804618110
      ISBN10: 180461811X
      Also in:
      Computing Computer security Network security

      Description

      Book Synopsis

      Learn Windows system design from the PE binary structure to modern and practical attack techniques used by red teams to implement advanced prevention

      Purchase of the print or Kindle book includes a free PDF eBook

      Key Features
      • Understand how malware evades modern security products
      • Learn to reverse engineer standard PE format program files
      • Become familiar with modern attack techniques used by multiple red teams
      Book Description

      An Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you've understood the internal design of operating systems, you'll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you'll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection.

      As you advance, you'll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware.

      By the end of this book, you'll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.

      What you will learn
      • Explore various DLL injection techniques for setting API hooks
      • Understand how to run an arbitrary program file in memory
      • Become familiar with malware obfuscation techniques to evade antivirus detection
      • Discover how malware circumvents current security measures and tools
      • Use Microsoft Authenticode to sign your code to avoid tampering
      • Explore various strategies to bypass UAC design for privilege escalation
      Who this book is for

      This book is for cybersecurity professionals- especially for anyone working on Windows security, or malware researchers, network administrators, ethical hackers looking to explore Windows exploit, kernel practice, and reverse engineering. A basic understanding of reverse engineering and C/C++ will be helpful.



      Table of Contents
      Table of Contents
      1. From Source to Binaries – The Journey of a C Program
      2. Process Memory – File Mapping, PE Parser, tinyLinker, and Hollowing
      3. Dynamic API Calling – Thread, Process, and Environment Information
      4. Shellcode Technique – Exported Function Parsing
      5. Application Loader Design
      6. PE Module Relocation
      7. PE to Shellcode – Transforming PE Files into Shellcode
      8. Software Packer Design
      9. Digital Signature – Authenticode Verification
      10. Reversing User Account Control and Bypassing Tricks
      11. Appendix – NTFS, Paths, and Symbols

      Recently viewed products

      © 2026 Book Curl

        • American Express
        • Apple Pay
        • Diners Club
        • Discover
        • Google Pay
        • Maestro
        • Mastercard
        • PayPal
        • Shop Pay
        • Union Pay
        • Visa

        Login

        Forgot your password?

        Don't have an account yet?
        Create account